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FOREWORD 

The  combination  of  the  information  age,  technology,  and 
national  policy,  has  irrevocably  pushed  the  United  States 
and  the  National  Security  Agency  (NSA)  into  an  Information 
Systems  Security  age.  The  explosion  in  the  uses  of 
telecommunication  devices  and  automated  information  systems 
has  resulted  in  a  corresponding  explosion  in  opportunities 
for  unauthorized  exploitation  of  valuable  inforaation.  The 
technology  necessary  to  perform  this  exploitation  is 
available  not  only  to  our  foreign  adversaries  but  also  to 
terrorists  and  other  criminal  elements. 

The  Information  Systems  Security  Organization  of  NSA  is 
committed  to  fulfilling  its  role  in  providing  the  guidance 
and  assistance  necessary  to  protect  classified  and  certain 
sensitive  information,  including  that  processed  by  U.S. 
Government  departments  and  agencies  and  U.S.  Government 
contractors . 

This  compilation  of  inf oraation  systems  security 
products  and  services  is  provided  to  assist  in  the  selection 
of  products  that  will  provide  an  appropriate  level  of 
information  security.  This  document  brings  together  the 
various  listings  of  NSA-evaluated  information  systems 
security  products  and  services  that  may  be  used  to  protect 
information  at  several  levels  of  sensitivity.  It  is  not 
intended  as  a  comprehensive  tutorial  or  manual  on  the  broad 
topic  of  information  systems  security.  It  should  be  viewed, 
instead,  as  a  source  document  and  working  aid  for  those  who 
have  established  a  need  for  such  products  or  services. 
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PUBLICATION  INFORMATION 


This  publication  may  be  ordered  from  the  Government  Printing 
Office  (GPO)  in  the  form  of  a  yearly  subscription.  Prices  are  not 
quoted  here  because  rates  and  frequency  of  publication  are  subject 
to  change. _  The  GPO  will  accept  Mastercard  or  Visa  orders  with  a 
valid  credit  card  number  and  expiration  date.  Requests  for 
subscriptions  should  be  addressed  to: 

Superintendent  of  Documents 
U.S.  Government  Printing  Office 
Washington,  DC  20402 

Telephone  orders  may  be  placed  by  calling  (202)  783-3238. 

For  further  assistance  or  information  write  to: 

Director 

National  Security  Agency 

ATTN:  INFOSEC  Office  of  Customer  Relations 

Ft.  George  G.  Meade,  MD  20755-6000 


This  Catalogue  is  also  available  on-line  from  DOCKMASTER. 
Details  are  available  in  the  DOCKMASTER  portion  of  Section  four. 


ii 


TABLE  OF  CONTENTS 


INTRODUCTION . . IV 

CHAPTER  ONE  -  ENDORSED  CRYPTOGRAPHIC  PRODUCTS 

list . thru  1-20 

CHAPTER  TWO  -  NSA-ENDORSED  DATA  ENCRYPTION  STANDARD 

(DES)  PRODUCTS  LIST . 2-1  thru  2-68 

CHAPTER  THREE  -  PROTECTED  NETWORK  SERVICES 

list . 3-1  thru  3-3 

CHAPTER  FOUR  -  EVALUATED  PRODUCTS  LIST  FOR  TRUSTED 

COMPUTER  SYSTEMS . 4-1  thru  4-6.12 

PUBLICATIONS  ISSUED  BY  THE  STANDARDS,  CRITERIA 
AND  GUIDELINES  DIVISION 

ENDORSED  TOOLS  LIST 

EXPLANATION  AND  ACCOUNT  REQUEST  FORM  FOR 
DOCKMASTER 

CHAPTER  FIVE  -  PREFERRED  PRODUCTS  LIST - 5-1  thru  5-86 

CHAPTER  SIX  -  THE  ENDORSED  AND  POTENTIAL  TEMPEST 


PRODUCTS  LIST . 6-1  thru  6-76 

CHAPTER  SEVEN  -  ENDORSED  TEMPEST  TEST  SERVICES 

list  . 7-1  thru  7-9 

CHAPTER  EIGHT  -  NSA  DEGAUSSER  PRODUCTS 

list . 8-1  thru  8-8 

CHAPTER  NINE  -  OFF-LINE  SYSTEMS . 9-1  thru  9-3 


iii 


INTRODUCTION 


Background; 

The  National  Security  Agency  (NSA)  manages  a  variety  of 
information  systems  security  programs.  These  programs  had  long 
been  divided  into  two  main  areas:  Communications  Security 
(COMSEC)  including  TEMPEST,  and  Computer  Security  (COMPUSEC) . 
COMSEC  is  protective  measures  designed  to  prevent  unauthorized 
access,  disclosure,  acquisition,  manipulation,  modification,  or 
loss  of  information  while  it  is  being  communicated,  regardless  of 
the  medium  used  -e.g.,  telephone,  microwave,  or  satellite. 

COMPUSEC  is  protective  measures  designed  to  prevent  deliberate  or 
inadvertent  unauthorized  access,  disclosure,  acquisition, 
manipulation,  modification  or  loss  of  information  while  it  is 
being  automatically  processed  or  stored.  These  two  primary 
disciplines  -  COMSEC  and  COMPUSEC  -  were  organizationally  joined 
at  NSA  in  order  to  most  effectively  meet  the  nation's  need  for  a 
total  information  systems  security  program.  From  the  previous 
program  divisions  and  separate  disciplines  have  come  lists  of 
information  systems  security  products  and  services  that  have 
either  been  evaluated  against  established  standards,  or  been 
endorsed  by  NSA  as  having  met  the  requirements  and  standards  set 
for  these  products  by  the  government.  These  lists  now  make  up  the 
Information  Systems  Security  Products  and  Services  Catalogue. 

How  to  Determine  Your  Information  Systems  Security  Needs ; 

The  selection  of  the  correct  products  and  services  for  an 
organization's  particular  needs  is  frequently  a  complex  matter, 
involving  an  assessment  of  the  value  and  sensitivity  of  the 
organization's  information,  the  threats  to  that  information,  and 
vulnerability  of  that  information  to  exploitation.  Once  the 
value,  vulnerability,  and  threat  have  been  determined,  the  next 
step  is  to  provide  appropriate  protection  and  security.  An 
exhaustive  explanation  of  how  an  organization  goes  about  making 
these  determinations  is  beyond  the  scope  of  this  document. 

A  U.S.  Government  contractor  should  raise  the  issue  of  security 
and  assistance  with  your  Government  program  sponsor.  An  employee 
of  a  U.S.  Government  organization  should  contact  his 
organization's  telecommunications  and/or  computer  security  focal 
point. 

For  additional  information,  write  to: 

Director 

National  Security  Agency 

ATTN:  INFOSEC  Office  of  Customer  Relations 

Fort  George  G.  Meade,  MD  20755-6000 
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Categories  of  Information ; 

The  products  and  services  presented  in  this  catalogue  are  designed 
for  use  in  securing  two  general  categories  of  Government  or 
Government“derived  information!  classified,  and  sensitive 
unclassified.  All  of  the  products  and  services  mentioned  may  be 
used  to  protect  unclassified  sensitive  information.  Many  can  be 
used  in  applications  involving  Government  classified  information. 
Most  -  but  not  all  -  of  the  products  are  also  suitable  for  use  by 
U.S.  private  companies  and  citizens  to  protect  information. 

Purchase  and  Use  Restrictions: 


Although  most  of  the  products  and  services  listed  can  be  purchased 
within  the  United  States,  some  may  have  restrictions  on  their 
purchase  and  use.  For  example,  the  purchase  of  "Type  1”  Endorsed 
Cryptographic  Products  is  limited  to  the  U.S.  Government  and  its 
contractors.  Restrictions,  if  any,  are  dependent  on  the  type  of 
product.  Direct  inquiries  relative  to  such  restrictions  to: 

Director 

National  Security  Agency 

ATTN:  X51 

Fort  George  G.  Meade,  MD.  20755-6000 
Organization  Of  This  Document : 

To  assist  you  in  selecting  the  correct  information  systems 
security  product  and/or  service  for  the  level  of  information  you 
need  to  secure  or  protect,  and  for  the  environment  in  which  it 
needs  to  be  protected,  the  lists  are  presented  in  chapter  format 
with  individual  introductions  provided  for  each.  Each 
introduction  gives  details  concerning  the  particular  list  and 
provides  points  of  contact  for  further  general  information  on  the 
program  that  generated  the  list.  The  lists  provide  company  points 
of  contact  for  further  information  relating  to  a  specific  product 
or  service.  All  of  the  information  systems  security  products  and 
services  contained  in  this  document  are  available  to  eligible 
buyers  directly  from  the  company  points  of  contact  provided  in 
each  list.  The  company  points  of  contact  can  also  provide 
information  on  buyer  eligibility  and  product  or  service  price  and 
availability. 

The  nine  chapters  in  the  Information  Systems  Security  Products  and 
Services  Catalogue  are: 

i*  Endorsed  Cryptographic  Products  List 

2 .  NSA  Endorsed  Data  Encryption  standard  (DES)  Products 

List 

3.  Protected  Network  Services  List 

4 .  Evaluated  Products  List 

5.  Preferred  Products  List 
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6.  Endorsed  and  Potential  TEMPEST  Products  Lists 

7 .  The  Endorsed  TEMPEST  Test  Services  List 

8.  NSA  Degausser  Products  List 

9 .  Off-Line  Systems 

A  general  explanation  of  each  list  is  included  below  as  a  guide: 


Endorsed  Cryptographic  Products  List: 

The  Endorsed  Cryptographic  Products  List  contains  products  that 
provide  electronic  cryptographic  coding  (encrypting)  and  decoding 
(decrypting) ,  and  which  have  been  endorsed  for  use  in  classified 
or  sensitive  unclassified  U.S.  Government  or  Government-derived 
information  during  its  transmission.  This  endorsement  means  that 
the  cryptographic  subsystems  have  been  certified  as  having  met 
National  Security  Agency  security  specifications  and  that  the 
product  has  been  endorsed  for  the  appropriate  level  of  security. 
Products  in  this  chapter  are  listed  in  two  categories:  "Type  1" 
products,  which  were  designed  to  secure  classified  information 
(but  which  can  also  be  used  to  protect  sensitive  unclassified 
information) ,  and  "Type  2"  products,  which  are  designed  to  protect 
unclassified  sensitive  information,  and  may  not  be  used  to  secure 
classified  information. 


NSA  Endorsed  Data  Encryption  Standard  (DES)  Products  List: 

For  a  number  of  years,  the  Government  has  endorsed  a  publicly 
published  cryptographic  algorithm  (i.e.,  a  technical  explanation 
of  one  way  to  accomplish  encryption  and  decryption)  called  the 
Data  Encryption  Standard  (DES) .  A  related  Federal  Government 
standard  -  Federal  Standard  1027  -  describes  how  the  DES  algorithm 
should  be  built  into  cryptographic  hardware.  Cryptographic 
products  that  are  endorsed  by  the  National  Security  Agency  as 
meeting  Federal  Standard  1027  are  contained  on  the  NSA  Endorsed 
Data  Encryption  Standard  (DES)  Products  List.  These  DES  products 
have  been  endorsed  for  use  in  protecting  U.S.  Government  or  U.S. 
Government-derived  unclassified  sensitive  information  during 
transmission.  They  may  not  be  used  to  secure  classified 
information. 

Protected  Network  Services  List: 

The  Protected  Network  Services  List  contains  the  names  and  points 
of  contact  for  commercial  carriers  providing  Government -approved 
"Protected  Services"  for  your  communications.  Companies  listed 
here  offer  to  provide  protection  service  rather  than  a  product. 
These  services  may  involve  techniques  such  as  bulk  trunk 
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encryption,  or  guaranteed  routing  on  lines  which  have  a  degree  of 
inherent  security.  Such  "Protected  Services”  may  be  approved  for 
the  protection  of  sensitive  unclassified  information  being 
transferred  from  one  point  to  another.  Because  of  the  variety  of 
types  of  seryice  offered  under  this  program,  it  is  suggested  that 
interested  persons  contact  the  companies  on  the  list  for  further 
information. 

Evaluated  Products  List: 

Products  on  the  Evaluated  Products  List  are  computer  systems, 
software,  or  components  that  protect  information  while  it  is  being 
stored  or  processed.  They  have  been  evaluated  by  the  Government 
as  to  the  degree  of  trust  that  can  be  placed  in  them.  In  order  to 
assess  this,  the  DoD  Trusted  Computer  System  Eyaluation  Criterj^ 
was  written  and  products  were  eyaluated  against  this  criteria  and 
cfiven  a  leyel  of  trustworthiness.  The  criteria  levels  are 
explained  in  the  chapter  for  this  list.  Included  in  this  chapter 
is  the  Endorsed  Tools  List.  This  information  is  provided  in  order 
to  inform  system  developers  which  formal  specification  and 
verification  tools  are  endorsed  by  the  National  Computer  Security 
Center  for  use  in  designing  systems  at  the  criteria's  A1  level  of 
security. 

Preferred  Products  List: 

Products  evaluated  for  their  TEMPEST  characteristics  are  found  on 
the  Preferred  Products  List.  TEMPEST  is  the  short  name _used  to 
refer  to  the  overall  study  of  "compromising  emanations."  These 
emanations  are  unintentional,  intelligence  bearing  electromagnetic 
signals  that  might  disclose  sensitive  information  transmitted, 
received,  handled  or  otherwise  processed  by  an  infopnation- 
processing  system.  This  list  identifies  telecommunications  and 
information-processing  equipment  and  systems  that  conform  to  the 
current  national  TEMPEST  standard.  This  chapter  will  be  of 
interest  primarily  to  those  who  have  classified  information  to 

secure . 


Endorsed  and  Potential  TEMPEST  Products  List: 


A  list  of  commercially  developed  and  commercially  produced  TEMPEST 
telecommunications  equipment  that  NSA  has  endorsed,  under  the 
auspices  of  the  NSA  Endorsed  TEMPEST  Products  Program,  for  use  by 
government  entities  and  their  contractors  to  process  classified 
U.S.  Government  information. 

Endorsed  TEMPEST  Test  Services  List: 

A  listing  of  commercial  TEMPEST  test  services  facilities  that  NSA 
has  endorsed  under  the  auspices  of  the  Endorsed  TEMPEST  Test 
Services  Program,  for  use  by  U.S.  Government  departments  and 
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agencies,  U.S.  Government  contractors  and  eligible  TEMPEST  product 
manufacturers  to  conduct  TEMPEST  test  services  related  to  the 
development  and  production  of  TEMPEST  products. 

NSA  Degausser  Products  List; 

This  list  provides  data  on  units  that  have  been  evaluated  against 
specific  requirements  for  the  erasure  of  classified  data  from 
magnetic  media. 

Off-Line  Systems ; 

This  chapter,  which  is  designed  primarily  for  use  by  military  and 
DoD  customers,  briefly  describes  a  variety  of  off-line 
capabilities  that  NSA  can  provide  to  meet  customer  requirements. 
Off-line  refers  to  those  cryptosystems  where  encryption  and 
decryption  are  performed  separately  from  the  transmitting  and 
receiving  functions. 


ENDORSED  CRYPTOGRAPHIC  PRODUCTS  LIST 


The  National  Security  Agency  (NSA)  has  established  an  inventory 
of  cryptographic  and  related  items  which  carry  an  NSA 
endorsement.  This  endorsement  means  that  the  communications 
security  (COMSEC)  subsystem  has  been  certified  as  having  met  the 
appropriate  minimum  Agency  security  requirements  and  is 
therefore  endorsed  for  use  to  secure  the  applicable  level  of 
Government  information.  The  endorsement  does  not  extend  beyond 
the  security-related  characteristics  of  the  product.  NSA  does 
not  make,  by  virtue  of  its  endorsement,  any  warranty  or 
representation  regarding  the  efficacy  or  fitness  for  use  of  the 
products  contained  on  the  Endorsed  Cryptographic  Products  Li^ 

(ECPL) .  .  _  . . 

The  ECPL  contains  a  variety  of  items  ranging 

from  components  to  finished  products  with  embedded _ cryptography . 
Products  on  this  list  are  divided  into  two  categories,  Type  1 
and  "Type  2."  Type  1  products  are  used  to  secure  classified 
information  and  are  handled  as  Controlled  Cryptographic  Items 
(CCI)  Type  1  products  may  also  be  used  to  secure  certain 
unclassified  Government  information.  Type  2  products  are  used 
to  protect  only  certain  unclassified  Government  information  and 
are  used  to  protect  only  certain  unclassified  Government 
information  and  are  handled  as  Endorsed-f or-Unclassif ied 
Cryptographic  Items  (EUCI).  NSA-endorsed  cryptographic  products 
are  available  for  purchase  and  use  only  by  the  U.S.  Government 
and  its  sponsored  contractors  or  entities.  NSA  does  not 
normally  supply  either  Type  1  or  Type  2  products,  but  instead 
permits  Authorized  Vendors  and  Commercial  COMSEC  Endorsement 
Program  (CCEP)  participants  to  sell  these  products  directly  to 
eligible  purchasers.  CCI  Type  1  products  are  unclassified  when 
unkeyed.  When  keyed,  CCI  Type  1  products  assume  the  classified 
level  of  the  key  being  used.  Type  2  products  may  be  operated 

only  with  unclassified  key. 

Direct  availability  of  listed  products  in  no  way 

exempts  the  purchasing  entity  from  complying  with  the  Federal 
Acquisition  Regulation  and  all  applicable  local  department  and 
agency  regulations.  Federal  departments  and  agencies  shou 
contact  their  appropriate  Contracting  Officers  to  see  if  direct 
contract  purchasing  is  included  in  their  procurement  strategy 

for  a  particular  product.  ^  ^  ..w 

Further  information  about  a  product  on  this  list 

should  be  obtained  from  the  company  points  of  contact  provided. 
Companies  desiring  information  concerning  the  process 
proposing  the  development  of  candidate  security  products  for  t  e 
ECPL  should  contact: 

DIRECTOR 

National  Security  Agency 
ATTN:  X51 

Ft.  George  G.  Meade,  MD  20755-6000 
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COMPANY  NAME 


VENDOR  POC  &  NUMBER 


PRODUCT 


TYPE  1  PRODUCTS; 

Allied  Signal  Corp., 
Bendix  Comm.  Div. 

1300  East  Joppa  Rd. 
Baltimore,  MD  21204 

E-Systems,  Inc. 

P.O.  Box  33010 
St.  Petersburg,  FL 

33733 

*  Communication  Systems 
Technology,  Incorp. 
9740  Patuxent  Woods  Dr. 
Columbia,  MD  21046 


Mr.  Jack  Shagena 
(301)583-4354 


Mr.  Donald  Guenther 
(813)381-1155 


Mr.  Robert  E.  Pfister 
(301)381-5080 


KG-84A;  General  purpose 
encryption/decryption  device, 
low  to  medium  speed,  accepts 
asynchronous  or  synchronous 
input;  protects  all  class¬ 
ifications  of  digital 
traffic;  operates  in  full 
duplex,  half  duplex,  and 
simplex  modes;  exceeds  29,000 
hours  MTBF  in  office 
environment;  uses  common 
electronic  fill  devices. 


*  Pulse  Engineering,  Inc.  Mr.  Dave  Madsen 
12101  Indian  Creek  Court  (301)  725-6677 
Beltsville,  MD  20705 


Allied  Signal  Corp., 

Bendix  Comm.  Div. 

1300  East  Joppa  Rd. 
Baltimore,  MD  21204 

E-Systems,  Inc. 

P.O.  Box  33010 
St.  Petersburg,  FL 
33733 

*  Communication  Systems 

Technology,  Incorp. 
9740  Patuxent  Woods  Dr. 
Columbia,  MD  21046 

*  Pulse  Engineering,  Inc. 
12101  Indian  Creek  Court 
Beltsville,  MD  20705 


Mr.  Jack  Shagena 
(301)583-4354 


Mr.  Donald  Guenther 
(813)381-1155 


Mr.  Robert  E.  Pfister 
(301)381-5080 


Mr .  Dave  Madsen 
(301)  725-6677 


KG-84C ;  General  purpose 
encryption  device;  contains 
all  KG-84A  modes  in  addition 
to  variable  update  counter, 
improved  HF  performance, 
synchronous  out-of-sync 
detection,  asynchronous 
cipher  text,  plain  text, 
bypass,  and  European  TELEX 
protocol.  Fixed  plant  or 
tactical  applications;  MTBF 
exceeds  34,000  hrs  in  Com. 
Center  environments.  I/O 
pin-outs  differ  from  KG-84A 
Uses  KYK-13,  KOI-18,  or 
KYX-15  fill  devices. 


Allied  Signal  Corp. , 
Bendix  Comm.  Div. 

1300  East  Joppa  Rd. 
Baltimore,  MD  21204 

Group  Technologies 
Corporation 
10901  Malcolm  McKinley 
Dr . 

Tampa,  FL  33612 


Mr.  Jack  Shagena 
(301)583-4354 


Mr.  Tom  Campbell 
(813)972-6429 
Mr.  Wayne  Rich 
(813)972-6231 


KY-57/58  VINSON;  Secures 
VHF/UHF  AM/FM,  half-duplex 
radios  and  wirelines,  on¬ 
line  encryption/decryption 
for  all  level  of  classified 
information.  The  KY-58  is 
installation/aircraft  ver¬ 
sion.  Various  ancillary 
equipments  are  also  avail¬ 
able  for  special  installat¬ 
ions  . 
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*  Conununication  Systems  Mr.  Robert  E.  Pfister 
Technology,  Incorp.  (301)381-5080 

9740  Patuxent  Woods  Dr. 

Columbia,  MD  21246 


*  Pulse  Engineering,  Inc.  Mr.  Dave  Madsen 
12101  Indian  Creek  Court  (301)  725-6677 
Beltsville,  MD  20705 


Base  Ten  Systems,  Inc. 
One  Electronics  Drive 
P.O.  Box  3151 
Trenton,  NJ  08619 


Mr.  Marty  Bergman 
(408)741-0480 
or 

Mr.  Jack  Kelley 
(608)586-7010 


T1  COMSEC  Interface  Adapter 
(TCIA) ;  A  Type  1  Ancillary 
Device  for  use  with  the  KG-81/ 
KG-94/KG-194  family  of  High 
Speed  Encryption  Equipment 
when  securing  all  levels  of 
traffic  over  T1  transmission 
lines.  The  TCIA  provides  for 
full  duplex  interfacing  and 
any  necessary  signal 
conversion  between  the 
encryption  equipment  T1 
circuits,  such  as  commercial 
T1  Data  Terminal  Equipment 
(DTE)  multiplexers,  etc.  (the 
DTE  Interface)  on  one  side, 
and  between  leased  and 
privately  owned  T1  span  lines 
(the  Network  Interface)  on  the 
other . 


Allied  Signal  Corp.,  Mr.  Al  Horning 

Bendix  Comm.  Div.  (301)583-4000 

1300  E.  Joppa  Rd. 

Baltimore,  MD  21204 

*  Communication  Systems  Mr.  Robert  E.  Pfister 
Technology  Incorp.  (301)381-5080 

9740  Patuxent  Woods  Dr. 

Columbia,  MD  21046 

*  Pulse  Engineering,  Inc.  Mr.  Dave  Madsen 
12101  Indian  Creek  Court  (301)  725-6677 
Beltsville,  MD  20705 


KG-81 ;  The  KG-81  Trunk 
Encryption  Device  (TED)  is  a 
full  duplex  key  generator 
used  primarily  for  bulk  en¬ 
cryption  of  multi-channel 
traffic.  The  KG-81  encrypts 
and  decrypts  all  classifica¬ 
tions  of  data  at  any  speed 
from  200kbps  to  20Mbps.  The 
KG-81  is  cryptographically 
compatible  with  the  KG-94/ 
19A/194/194A  (up  to  13Mbps) 
and  the  KG-95  (between  10  and 
20  Mbps ) . 


Allied  Signal  Corp.,  Mr.  Al  Horning 
Bendix  Comm.  Div.  (301)583-4000 
1300  E.  Joppa  Rd. 

Baltimore,  MD  21204 


KGV-68;  It  is  a  small,  light¬ 
weight,  low  power,  embeddable 
Type  1  cryptographic  device 
that  can  be  incorporated  into 
a  variety  of  secure  applica- 


*  Authorized  to  sell,  install,  and  support,  these  equipments  which  are 
manufactured  by  another  company. 


1-3 


tions.  Encryption  and 
decryption  of  synchronous 
binary  data  is  performed  at 
data  rates  ranging  from  50 
bits  per  second  to  10  mega¬ 
bits  per  second  operating  in 
duplex  mode. 


AT&T  Federal  Systems 
Guildford  Center 
P.O.  Box  20046 
Greensboro,  NC  27420 
ATTN:  Dept.  71GC094400 

Motorola,  Inc.,  GEG 
P.O.  Box  1417 
8201  E.  McDowell 
Scottsdale,  AZ  85252 


Mr.  Michael  Agee 
(919)279-3475 


Mr.  Tim  Hall 
(602)441-2998 


General  Electric  Co.  Mr.  Peter  Piotti 

Government  Communications  (609)338-4507 
Systems  Department 
Front  and  Cooper  St. 

Camden,  NJ  08102 


STU-III  (Low  Cost  Terminal): 
Compact,  easy-to-use  tele¬ 
phones  that  can  be  used  for 
clear  or  secure  voice  or 
secure  data  communications. 
STU-IIIs  are  easily  installed 
and  will  operate  over  single 
telephone  lines  in  full  duplex 
mode.  Features  include  2.4, 
4.8,  9.6  voice  &  data; 

ACK/NACK  signaling,  and  SACS 
capabilities  in  both  Type  1 
and  2  terminals . 


Motorola,  Inc. 

8220  E.  Roosevelt  St. 
Scottsdale,  AZ  85257 


Mr.  Tim  Hall 
(602)441-4300 


General  Electric  Co.  Mr.  Pete  Piotti 

Government  Comm.  Sys.  Dept.  (609)338-4507 
Front  and  Cooper  Streets 
Camden,  NJ  08102 


STU-III  Transportable 
Terminals :  Couple  desktop 

STU-III  terminals  with 
cellular  capability  and 
transportability.  Voice/data 
rates  include  2.4,  4.8  and  9.6 
and  ACK/NACK  signaling.  Both 
Type  1  and  2  terminal  are 
available . 


^T&T  Mr.  Michael  Agee 

Guildford  Center  (919)279-3475 

P.O.  Box  20046 

Attn:  DEPT.  71GC094400 

Greensboro,  NC  27420 


Motorola,  Inc. 


Mr .  Tim  Hall 


STU-III  Secure  Data  Device: 

The  STU-III  Secure  Data  Device 
provides  a  simple  and  cost- 
effective  way  to  protect 
classified  government  data 
transmission.  The  SDD  can  be 
remotely  controlled  from  any 
fax,  PC  or  computer  that  is 
connected  its  RS232  data  port. 
Data  speeds  range  from  2.4  to 
9.6  full  duplex. 

STU-III/A:  The  STU-III/A 
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8220  E.  Roosevelt  St. 
Scottsdale,  AZ  85257 


(602)441-4300 


provides  a  direct  interface  to 
the  extensive  STU-II  community 
over  the  switched  telephone 
system  and  also  interoperates 
with  STU-II/A  and  other  Allied 
STU-II  equipment. 


Motorola,  Inc.,  GEG  Mr.  Tim  Hall 

8201  E.  McDowell  Rd.  (602)441-2998 

P.O.  Box  1417 
Scottsdale,  AZ  85252 


STU-III  Cellular  Telephone; 

A  member  of  the  STU-III  family 
and  interoperable  with  all 
versions  of  the  STU-III; 
combines  cellular  mobile 
radio-telephone  technology 
with  advanced  secure  voice/ 
data  communications.  The  unit 
includes  a  message  center, 
integrated  with  the  standard 
cellular  handset,  which  can  be 
conveniently  mounted  inside  a 
vehicle  and  provides  all 
STU-III  functions  including 
authentication/classification 
display.  The  cellular  is  used 
to  secure  TOP  SECRET  infor¬ 
mation  and  below,  and  to 
protect  sensitive  U.S.  Govern¬ 
ment  information. 


STU-II/B;  The  STU-II/B 
interoperates  over  switched 
telephone  systems  with  Allied 
STU-II  equipment  and  with  STU- 
III/A  terminals.  The  STU-II/B 
is  for  Foreign  Military  Sales 
(FMS)  only.  Direct  sale  of 
the  STU-II/B  terminal  is  not 
allowed. 


STU-III  Enhanced  Cellular; 

The  STU-III  Enhanced  Cellular 
terminal  combines  cellular 
mobile  radio-telephone 
technology  with  advanced 
secure  voice/data  comm¬ 
unications,  offering  2.4,  4.8, 
and  9.6  secure  voice  and 
4. 8/9. 6  secure  data.  The  unit 
includes  a  message  center, 
integrated  with  the  standard 
cellular  handset,  which  can  be 
conveniently  mounted  inside  a 
vehicle  and  provides  all 
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STU-III  functions  including 
authentication/classification 
display.  Type  1  Enhanced 
Cellular  terminals  are 
available  in  CONUS,  CONUS 
briefcase  and  CONUS/OCONUS  SCT 
configurations . 


Cincinnati  Electronics  Ms.  Susan  Shelton 

^  Corp.  (513)733-6100 

2630  Glendale-Milf ord  Road 
Cincinnati,  OH  45241-3187 


STU-III/R  (Remote  Control 
Interface;  The  STU-III/R 
provides  red  enclave 
subscribers  with  STU-III 
compatible  secure 
communications  in  a  rack¬ 
mounted,  remote  control  line 
encrypting  unit.  When  used  in 
conjunction  with  a  red  switch 
or  conferencing  director,  the 
STU-III/R  allows  users  to 
conference  STU-III  terminals 
and  have  secure  EPABX 
functions.  STU-III/R 
interfaces  can  be  applied  to 
field,  airborne  and  shipboard 
applications . 

AN/CSZ-4A  (Miste  II); 

Secure  UHF/SATCOM  LOS  package 
with  integrated  COMSEC. 

System  is  fitted  into  a 
5"  X  13"  X  19"  briefcase  and 
weighs  32  LBS.  Provides  half¬ 
duplex  wideband/narrowband 
voice/data,  secure  UHF  radio 
communications,  and  is 
interoperable  with  the  KY-57/ 
58  (VINSON)  and  KYV-5  (ANDVT) 
for  UHF  applications. 


Motorola,  Inc.,  GEG 
8201  E.  McDowell  Rd. 

P.O.  Box  1417 
Scottsdale,  AZ  85252 

*  Communication  Systems 

Technology,  Incorp. 
9740  Patuxent  Woods  Dr. 
Columbia,  MD  21046 

*  Pulse  Engineering,  Inc. 
12101  Indian  Creek  Court 
Beltsville,  MD  20705 


Ms.  Vicki  Beseke 
(602)441-2185 


Mr.  Robert  E.  Pfister 
(301)381-5080 


Mr .  Dave  Madsen' 
(301)725-6677 


KG-94/94A;  High  Speed  trunk/ 
bulk  encryption  device  oper¬ 
ating  between  9.6  Kbs  and  13 
Mbs;  protects  all  classif¬ 
ications  of  digital  traffic 
provides  secure  data  and  tele¬ 
conferencing  capabilities  for 
military  and  civilian  use; 
fits  into  19-inch  rack;  uses 
common  electronic  fill  devices 
devices;  KG-94A  designed  for 
mobile  tactical  use. 


Group  Technologies 


Ms.  Helen  Neil 


KG-194 ;  A  rack  mounted  unit. 
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(813)872-6244 


Corporation 

10901  Malcolm  Mckinley  Dr. 
Tampa,  FL  33612 

*  Communication  Systems 

Technology,  Incorp. 
9740  Patuxent  Woods  Dr. 
Columbia,  MD  21046 

*  Pulse  Engineering,  Inc. 
12101  Indian  Creek  Court 
Beltsville,  MD  20705 


Mr.  Robert  E.  Pfister 
(301)381-5080 


Mr .  Dave  Madsen 
(301)725-6677 


it  is  capable  of  digital 
voice  and  data  encryption  at 
rates  from  9.6  Kb/s  to  13  Mb/s 
by  employing  synchronous  key 
generators  for  transmission 
and  reception.  It  employs 
FIREFLY  rekey  technology  which 
allows  the  development  of  a 
new  and  unique  Traffic 
Encryption  Key  with  a  distant 
KG-194  without  the  on-line 
assistance  of  a  third  party. 


Group  Technologies 
Corporation 

10901  Malcolm  Mckinley  Dr. 
Tampa,  FL  33612 

*  Communication  Systems 

Technology,  Incorp. 
9740  Patuxent  Woods  Dr. 
Columbia,  MD  21046 

*  Pulse  Engineering,  Inc. 
12101  Indian  Creek  Court 
Beltsville,  MD  20705 


Ms.  Helen  Neil 
(813)972-6244 


Mr.  Robert  E.  Pfister 
(301)381-5080 


Mr.  Dave  Madsen 
(301)725-6677 


KG-194A;  A  tactical  version 
of  the  KG-194  that  is  suited 
for  mobile  communication 
systems  requiring  trunk 
encryption.  An  accessory  kit 
is  provided  which  can  be 
utilized  for  either  mounting 
the  KG-194A  directly  into  a 
19"  rack  or  provide  bumper 
protection  for  bench  mounting. 
It  has  the  same  electrical 
characteristics  and  capab¬ 
ilities  as  the  KG-194,  and  is 
approved  for  use  in  securing 
all  levels  of  traffic. 


Motorola,  Inc. 

8201  E.  McDowell  Rd. 
P.O.  Box  1417 
Scottsdale,  AZ  85252 


*  Communication  Systems 
Technology,  Incorp. 
9740  Patuxent  Woods  Dr. 
Columbia,  MD  21046 


Mr 


Mr 


.  Phil  Humphries  KG-95;  The  KG-95  is  a  family 
(602)441-2873  of  full  duplex,  fixed  plant, 

bulk  encryption/decryption  key 
generators  which  are  approved 
for  all  levels  of  traffic. 

The  KG-95/1  is  the  general 
.  Robert  E.  Pfister  purpose  version  of  the  KG-95, 
(301)381-5080  capable  of  operating  at  any 

data  rate  between  10  and  50 
Mb/s.  The  KG-95/2  operates 
only  at  the  fixed  DS-3  data 
rate  of  44.736  MB/s  and  is 
fully  compliant  with  AT&T 
specifications  for  DS-3  trans¬ 
mission  and  reception.  The 
KG-95R  consists  of  two  KG- 
95/2  's  providing  a  hot  spare 
capability. 


Harris  Corporation  Mr.  Steve  Robilard  Ricebi r d ; 

Military  and  Aerospace  Div.  (407)729-5528 

P.O.  Box  883  ,  ^  ^ 

Melbourne,  FL  32902-0883  U-ALV  and  U  ARV;  Satellite 
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Command  Encryption/Decryption 
and  Authentication  or  a  Tele¬ 
metry  Encryption/Decryption 
microcircuit.  Advanced 
versions  of  the  KG-46,  KG-57 
and  are  approved  for  the  pro¬ 
tection  of  Commercial,  Civil, 
and  DoD  Satellite  Systems. 
U-ALW  and  U-ARW:  Satellite 
Mission  data  Encryption/ 
Decryption  microcircuit. 
Advanced  versions  of  the 
KG-43,  and  KG-44  equipments. 
U-ALX  and  A-ARX;  Satellite 
Rekey  Microcurcuit .  This 
microcircuit  provides  an 
over-the-Air  Electronic 
Rekey  capability  for  future/ 
advanced  versions  of  our 
satellite  equipments. 


Hughes  Aircraft,  Co.,  Mr .  A1  Rupp 

Microelectronics  Systems  (714)858-6538 

Division 

29947  Avenida  de  las  Banderas 

Rancho  Santa  Margarita,  CA  92688-7000 


IDOCS;  The  IDOCS 
provides  intrusion  alarm 
monitoring,  detection  and 
annunication  to  secure  a 
fiber  optic  link  for  trans¬ 
mission  of  all  levels  of 
classified  information  at 
a  data  rate  of  6  to  13  MHz 
(factory  set  frequency)  up  to 
1.5  kilometers. 


Hughes  Aircraft  Co., 
Space  &  Comm.  Group 
Building  S41/MS  B327 
Los  Angeles,  CA  90009 


MYKOTRONX,  Inc. 

357  Van  Ness 
Torrance,  CA  90501 


Mr.  Richard  Hollis  KI-23 ;  System  for  satellite 
(213)647-4653  command  link  authentication 

and  protection,  composed  of 
a  KIT-23  for  ground  station 
command  encryption  and  a 
KIR-23  for  satellite  decrypt¬ 
ion  and  authentication. 


Mr.  John  Droge 
( 213)533-8100 


General  Electric  Company  Mr.  Prafuz  Patel 

Astrospace  Electronics  (215)354-2774 

Division 

P.O.  Box  8555 

Philadelphia,  PA  19101 


Space  System/Loral 


Mr.  Travis  Cole  KI-23 ;  Continued 
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3825  Fabian  Way 
Palo  Alto,  CA  94303 


(415)852-5147 


MYKOTRONX,  Inc.  Mr.  John  Droge 

357  Van  Ness  Way  (213)533-8100 

Torrance,  CA  90501 

LSI  Logic  Corp.  Mr.  James  Lawrence 

48660  Kato  Road  (408)433-8273 

MSK-304 

Fremont,  CA  94538 

MYKOTRONX,  Inc.  Mr.  John  Droge  MYK-6 ;  Satellite  telemetry/ 

357  Van  Ness  Way  (213)533-8100  data  encryption/decryption 

Torrance,  CA  90501  microcircuit  at  1  bs  to  20 

Mbs . 


Intel  Systems  II,  Inc.  Mr.  Steve  Nance  TEPACHE  iKGM-100 ;  One  of 

2402  W.  Beardsley  (602)869-3741  NSA's  standard  embedded 

Phoenix,  AZ  85027  COMSEC  products.  Fully  Com¬ 

pliant  with  NSA's  standard 
DS-69;  used  for  computer/data 
key  generator  modules  for  use 
in  computer  applications 
including  link,  file  protec¬ 
tion,  network  communications 
security  in  host  terminals, 
workstations,  and  smart  peri¬ 
pherals.  TEPACHE  is  a  highly 
flexible,  asynchronous  module 
with  a  microprocessor  style 
interface,  endorsed  for 
integration  in  devices  to  be 
used  to  secure  U.S.  Govern¬ 
ment  information  classified 
TOP  SECRET  and  below  and  to 
protect  sensitive  U.S.  Govern¬ 
ment  information. 


KI-23  T/R  MICROCIRCUIT; 
Satellite  comand  encryption/ 
decryption  and  authentication 
microcircuit  endorsed  for  the 
protection  of  the  command 
uplinks  of  commercial,  civil, 
and  DoD  satellite  systems. 
Advanced  version  of  the  KI-23. 


INTEL  Systems  II,  Inc. 
2402  W.  Beardsley 
Phoenix,  AZ  85027 


LSI  Logic  Corporation 
1551  McCarthy  Blvd. 
Milpitas,  CA  95035 


Mr.  Richard  Rasmussen  TEPACHE  PRIME;  The  module  is 
(602)869-4444  based  on  Data  Standard  169, 

the  module  provides  the  end- 
ability  to  handle  Secure  Data 
Network  Systems  (SDNS) 
product-generate ,  distribute 
and  consume  key  material. 

KG- 4 6  Microcircuit ;  Advanced 
version  of  the  KG-46  data 
encryption/decryption  unit  for 
space  application.  The  KG-46 


Mr.  Bruce  Parsons 
(408)433-4136 
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Microcircuit,  designated  the 
LSI-6,  is  remotely  rekeyable 
and  will  operate  up  to  20  Mbs. 


Magnavox  Mr  .  Ken  Devanny 

Advanced  Products  and  (213)618-7077 

Systems  Co. 

2829  Maricopa  St. 

Torrance,  CA  90503 

Stanford  Telecommunications 

2421  Mission  College  Blvd.  Mr.  Howard  Cannes 
Santa  Clara,  CA  95054  (408)980-5630 

Rockwell  International  Mr.  James  Arnold 

Corp.,  Collins  Gov't  (319)395-5294 

Avionics  Division 
400  Collins  Rd.  NE 
Cedar  Rapids,  lA  52498 


Precise  Positioning  Service 
Security  Module  ( PPS-SM) 
MX617510 ;  This  module  is  to 
be  embedded  into  a  Global 
Positioning  System  (GPS) 
host  application.  It  allows 
authorized  users  access  to  the 
Precise  Positioning  Service 
of  GPS  while  maintaining  the 
host  application  as  unclass- 
fied,  but  controlled  in 
accordance  with  NTISSI  3006 
when  keyed. 


Motorola,  Inc.,  GEG 
8201  E.  McDowell  Rd. 
Mail  Drop  H-2289 
Scottsdale,  AZ  85252 


Mr.  Joseph  Marino  Network  Encryption  System; 

(602)441-5827  The  NES  protects  information 

classified  TOP  SECRET  and 
below  over  both  local  area 
networks  (LANs)  and  wide  area 
networks  (WANs).  It  has  fully 
loadable  software  for  ease  in 
changing  or  updating  network 
protocols.  The  NES  features 
fully  electronic  key  distr¬ 
ibution  and  is  compatible  with 
Secure  Data  Network  Systems 
(SDNS)  standards. 


Motorola,  Inc.,  GEG  Mr.  Dave  Kohler 

8201  E.  McDowell  Rd.  (602)441-2756 

P.O.  Box  1417 
Scottsdale,  AZ  85252 


INDICTOR;  The  Miniature 
Voice/Data  Key  Generator 
Module,  Type  1,  is  a  single 
monolithic  chip  and  an  NSA 
Standard  Product.  Compliant 
with  the  NSA's  Data  Standard 
68;  the  INDICTOR  may  be  used 
in  voice/data  key  generator 
applications  in  hand  held 
radios  and  telephones. 

INDICTOR  is  traffic  compatible 
with  the  KY-57/58,  KY-99, 

KYV-5  (ANDVT),  KOV-1 . 

( SINCGARS ) ,  KYV-2A/B , 

WINDSTER,  the  STU-III,  and 
certain  KG-84  applications. 

The  INDICTOR  is  used  to 
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secure  information  classified 
TOP  SECRET  and  below,  and  to 
protect  sensitive  U.S.  Govern¬ 
ment  information. 


Motorola,  Inc.,  GEG 
Strategic  Elec.  Div. 

2501  South  Price  Rd. 
Chandler,  AZ  85248-2899 


Mr.  Bill  Crook 
(602)732-3432 
John  Nelson 
(602)  732-3087 


KIV-9 ;  Spaceborne  decryption 
unit  designed  for  embedment 
in  a  Motorola  S-Band  Space 
Ground  Link  Subsystem  receiver 
package  or  in  a  stand-alone 
box  with  power  converter  and 
interface  module.  Unit  is 
also  available  as  a  single¬ 
unit  "slice"  for  custom 
applications. 

KGV-46 :  It  is  an  embedment 

application  of  the  RICEBIRD 
LSI  chip  into  an  assembly,  or 
slice,  which  will  perform  an 
encryption  function  for  the 
Motorola  space  groundlink 
satellite  subsystems  (SGLS) 
transmitter . 


Motorola,  Inc. 

1701  McCormick  Drive 
handover,  MD  20785 


Mr.  Steve  Reddick  FASCINATOR  EQUIPPED  MCXIOO, 

(608)576-3519  MX300-S,  PX  300S,  SYNTOR  9000, 

SYNTOR  X9000E,  SPECTRA,  and 
SABER  Radios,  and  the  Portable 
Repeater ;  The  FASCINATOR 
Secure  Voice  Module  (SVM) 
product  line  is  a  half-duplex 
12  KBs  serial  encryption 
device  that  operates  in  the 
synchronous  mode.  Radios 
which  employ  the  SVM  have  a 
secure  voice  and  plaintext 
mode.  The  SVM  can  be 
purchased  in  new  MCXIOO  and 
MX300  radios,  and  the  Portable 
Repeater  or  as  part  of  a 
retrofit  kit  for  the  same 
radios  and  the  repeater. 


Motorola,  Inc. 

8201  E.  McDowell  Rd. 

P.O.  Box  1417 
Scottsdale,  AZ  85252 

tion  module.  It  will  provide 
half-duplex  secure  voice  and 
data  over  radio  and  wireline 


Mr.  Dave  Kohler  Sunburst  II  Processor;  A 

(602)441-2756  portable  narrowband/wide¬ 

band  voice/data  encryptor  that 
features  the  INDICTOR  encryp- 
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media  for  tactical  operations. 
Sunburst  II  is  a  secure  only 
unit  with  no  plaintext  bypass. 


PE  Systems,  Inc.  Mr.  Donald  Binder  GILLAROO;  A  full  slot 

5520  Cherokee  Ave.  (703)642-9300  encryption  board  that 

Alexander,  VA  22312  provides  secure  point-to-point 

and  Electronic  Mail  capab¬ 
ilities  for  IBM  and  IBM 
compatible  PC's.  GILLAROO  is 
asynchronous,  and  operates  at 
user-selective  data  rates 
ranging  from  110  to  9600  baud. 
GILLAROO  is  endorsed  to 
protect  SECRET  and  below 
information.  PE  Systems  is 
authorized  to  accept  new 
orders  up  to  31  December  1993. 


PE  Systems,  Inc.  Mr.  Donald  Binder 

5520  Cherokee  Ave.  (703)642-9300 

ALexandria,  VA  22312 


Racal  Communications,  Inc.  Mr.  Robert  Hall 
5  Research  Place  (301)948-4420 

Rockville,  MD  20850 


GUARDSMAN  lOOT;  TEMPEST- 
approved  ancillary  device 
that  contains  the  NSA 
endorsed  GILLAROO  as  its 
cryptologic  component.  The 
GUARDSMAN  allows  "stand¬ 
alone"  GILLAROO  connectivity 
via  RS-232  interface  to  the 
user  PC  serial  port.  It  also 
has  identical  features,  and  is 
interoperable  with  the 
GILLAROO.  The  GUARDSMAN  can 
be  connected  to  both  IBM  and 
non-IBM  compatible  PC's  as 
well  as  mainframe  computers. 

PE  Systems  is  authorized  to 
accept  new  orders  up  to 
31  December  1993. 

PRC6515  (EC);  -  INDICTOR 
based  handheld  radio,  endorsed 
up  through  TOP  SECRET,  12  Kbs, 
Federal  Standard  1023 
Compatible. 


Scope,  Inc.  Mr.  Jim  McCauley 

1860  Michael  Faraday  Dr.  (703)471-5600 

Reston,  VA  22090 


HNF-81-1/2  Frames;  Facility 
rack  adaptor  for  the  KG-81 
and  KG-94  trunk  encryption 
devices  which  provides  mech¬ 
anical  and  electrical  con¬ 
nections  to  the  using 
facility . 
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General  Electric  Aerospace  Mr.  John  Tchou 
Government  Communications  (609)338-3760 
Systems  Department 
Front  and  Cooper  St. 

Camden,  NJ  08102 


KY-90,  KGX-93,  HGF-93,  KG-82, 
HGF-94,  KT-93,  ST-34,  KY-68, 
HYP-71;  SUPPORT  SWITCHED 
tactical  communications 
systems;  KY-68  telephone 
terminals  and  associated 
systems  ancillaries  provide 
encryption/decryption  of  all 
level  of  classification  of 
voice  or  data  traffic.  Sales 
are  limited  to  prime  con¬ 
tractors  involved  in  the 
Mobile  Subscriber  Equipment 
Program. 


Rockwell  International  Mr.  William  Mavity 

Microelectronics  (714)833-4133 

Research  &  Dev.  Center 
4311  Jamboree  Road 
M/S  501-377 

Newport  Beach,  CA  92660 


Monolithic  Randomizer; 

Produces  a  random  binary  bit 
Stream  which  is  endorsed  for 
use  in  communications  security 
equipment  that  requires  a 
randomizer  in  order  to  secure 
D.S.  Government  information 
classified  TOP  SECRET  and 
below. 


Simpact  Associates,  Inc. 

12007  Sunrise  Valley  Dr. 

Reston,  VA  22091 

TOP  SECRET  and  below.  Using 
a  government  supplied  algor¬ 
ithm,  the  SSP3110  encrypts 
information  received  over  the 
Small  Computer  Interface  bus 
from  a  host  computer  or  file 
server  and  writes  and  enc¬ 
rypted  information  to  a  desig¬ 
nated  media  storage  device. 


Mr.  Michael  Ulrich  SSP3110 ;  Data  Storage  Enc- 
(703)758-0190  ryptor  to  secure  U.S.  Govern¬ 

ment  information  classified 


Teledyne  Electronics 
649  Lawrency  Dr. 

Newbury  Park,  CA  91320 

Hazeltine  Corp. 

450  E.  Pulaski  Rd. 
Greenlawn,  NY  11740 

Allied  Signal  Corp. 
Bendix  Comm.  Div. 

1300  E.  Joppa  Rd. 


Mr.  Emmett  Dunlap 
(805)498-3305 


Mr.  Robert  Fischer 
(516)351-4116 


Mr.  Al  Horning 
(301)583-4000 


KI-IC;  COMSEC  unit  for 
Mark  XII  Identification 
Friend  or  Foe  system;  com¬ 
prises  two  major  subsystems. 
Interrogators  and  Transpon¬ 
ders,  KIR-IA/C  and  KIT-IA/C, 
respectively;  the  KI-IC  is 
a  technological  roll  over  of 
the  KI-IA,  and  utilizes  Elec¬ 
tronic  Keying. 
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Baltimore,  MD  2120 


Teledyne  Electronics 
649  Lawrence  Dr. 

Newbury  Park,  CA  91320 


Mr.  Emmett  Dunlap 
(805)498-3305 


KIV-3 ;  Designed  to  operate 
in  conjunction  with  a 
combined  Interrogator/Trans¬ 
ponder  to  provide  Mode  4 
operation  in  the  MARK  XII 
Identification  Friend  or  Foe 
System;  incorporates  3-micron 
LSI  technology  in  combining 
both  the  function  of  the 
KIR-IC  and  KIT-IC  into  a 
small,  light  weight  module; 
keyed  via  the  common  fill 
devices,  KOI-18  and  KYK-13. 


TRW/EPI 

3650  N.  Nevada  Ave. 
Colorado  Springs,  CO 


Mr.  John  Cramer 
(719)577-8152 

80907 


KL-43C,  D  and  E;  Off-line 
alphanumeric  encrypt/decrypt 
device  with  challenge/reply 
authentication.  The  KL-43E 
is  the  large  keyboard  version. 
The  KL-43C  is  a  small  rugged- 
ized  version  with  two  message 
buffers  and  additional  comm¬ 
unications  features. 


Ultron  Labs  Corp.  Mr.  John  Politis  Ultron  Crypto-Engine;  COMSEC 

1601  Research  Boulevard  (301)251-4960  module  for  use  in  securing 

Rockville,  MD  20850  TOP  SECRET  information  and 

below,  and  to  protect 
sensitive  U.S.  Government 
information;  designed  to 
facilitate  the  integration  of 
cryptography  into  end-item 
devices  designed  for  NSA 
endorsement  for  use  in  various 
data  applications. 


UNISYS 

P.O.  Box  517 
Paoli,  PA  19301 


Mr.  Donald  Wilson  KOI-18 ;  Fill  device,  light- 

(215)648-2337  weight,  general  purpose  tape 

reader,  accepts  standard  one- 
inch  wide  tape. 


UNISYS 

P.O.  Box  517 
Paoli,  PA  19301 


Mr.  Donald  Wilson  KYK-13 ;  Fill  device,  light- 

(215)648-2337  weight,  battery-operated, 

digital  data  storage  for  six 
keys;  will  transfer  keys  to 
other  equipment  by  direct 
connection  or  by  fill  cable. 
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UNISYS 

P.O.  Box  517 

Paoli,  PA  19301 


Mr.  Donald  Wilson 
(215)648-2337 


KYX-15A:  Fill  device,  net 

control  device;  can  provide 
remote  keying  distribution; 
can  store  up  to  16  keys. 


Wang  Laboratories 
One  Industrial  Ave. 
Mail  Stop  013-390 
Lowell,  MA  01851 


Mr.  Lewis  Collins  Trusted  Interface  Unit  (TIU); 

(508)967-5661  The  TIU-1  is  a  stand-alone 

device  that  protects  infor¬ 
mation  classified  TOP  SECRET 
and  below  between  hosts  having 
IEEE  802.3  or  Ethernet  inter¬ 
faces  to  broadband,  baseband, 
or  fiber-optic  Local  Area 
Networks  (LANs).  The  TIU-1 
also  protects  classified 
information  for  hosts  across 
Wide  Area  Networks  (WANs)  by 
implementing  DoD  Internet 
Protocols  (IP)  and  accessing 
commercial  IP  gateways  based 
on  pairwise  keying  relation¬ 
ships  between  TIU-ls. 


Xerox  Corp.  Mr.  Frank  Presson  XEU ;  Endorsed  to  secure  U.S. 

7900  W.  Park  Drive  (703)442-6777  Government  information 

4th  Floor  classified  through  TOP  SECRET 

McLean,  VA  22102  level  on  Local  Area  Networks. 

Protects  security  of  infor¬ 
mation  by  acting  as  bridge 
between  processor  it  serves 
and  network.  Using  Govern¬ 
ment  supplied  algorithm,  XEU 
encrypts  information  flowing 
from  network  to  processor. 

The  XEU  can  be  used  with 
networks  and  equipment  which 
conform  to  the  IEEE  802.3 
standard . 
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TYPE  2  PRODUCTS: 


AT&T 

Technologies  Division 
1120  20th  Street,  N.W. 
Washington,  D.C.  20036 

Cylink  Corporation 
3091  Holcomb  Bridge 
Road  STE.  FI 
Norcross,  GA  30071 


Mrs.  Kathleen  O'Rourke 
(202)457-3613 


Mr.  David  Hammond 
(404)662-5627 


DS-3  Encryptor;  Protects 
security  of  voice,  data,  or 
video  channels  in  any  stan¬ 
dard  DS-3  (44.736  Mbs)  signal 
carried  over  digital  radio, 
coaxial  cable,  satellite,  or 
lightwave  transmission  fac¬ 
ility.  In  these  applications, 
the  DS-3  encryptor  will 
protect  sensitive  U.S.  Govern¬ 
ment  information. 


Allied  Signal  Corp. 
Bendix  Comm.  Div. 
1300  E.  Joppa  Rd. 
Baltimore,  MD  21204 


Mr.  Allan  Horning  ST-58:  Test  equipment  for 

(301)859-4493  VINSON,  KG-84/84A/84C ,  and 

Common  Fill  Devices;  modular 
in  construction  and  consists 
of  three  separate  units;  the 
top  section  is  the  general 
computer  containing  the  main 
memory,  it  is  used  in  conj¬ 
unction  with  two  test 
adapters;  X-APA  which  tests 
the  VINSON  and  Common  Fill 
Devices  and  the  Z-APD  which 
tests  the  KG-84/84A/84C  and 
Common  Fill  Devices.  The 
ST-58  designed  for  a  con¬ 
trolled,  fixed  plant 
environment . 


Racal-Guardata ,  Inc. 
480  Spring  Park  Place 
Suite  900 

Herndon,  VA  22070 

Pa ilen- Johnson 
1370  Piccard  Drive 
Rockville,  MD  20850 


Litronics  Industries, 
2950  Redhill  Ave. 
Costa  Mesa,  CA  92715 


Mr.  Paul  Jones 
(703)471-0892 


Mr.  William  Pailen 
(301)948-5726 


Inc.  Mr.  Paul  Johnson 
(714)545-6649 


Low-Cost  Encryption /Authen¬ 
tication  Device  ( LEAD) ; 

LEAD  is  endorsed  for  the 
authentication  of  system 
users  and  the  protection  of 
sensitive  unclassified  U.S. 
Government  information  on 
terminal-to-host  and  terminal- 
to-network  access  lines.  A 
DoD  waiver  of  FIPS  46-1  and 
FIPS  140  has  been  granted  to 
allow  the  use  of  LEAD  to 
protect  sensitive  unclass¬ 
ified  computer  information  on 
DoD  applications.  The  GSA 
has  offered  to  pursue  such  a 
waiver  on  behalf  of  Civil 
agencies  if  so  requested. 
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Harris  Corp. 

Custom  Integrated 
Circuits  Div. 
(HCICD) 

P.O.  Box  9100 
Melbourne,  FL  32902 


Mr.  Steve  Robillard  Cypher  I;  CMOS  data  enc- 
(407)729-5528  ryption  integrated  circuit. 

NOTE;  This  item  is  avail¬ 
able  only  to  those  companies 
that  intend  to  integrate 
cryptography  into  an  end-item 
product,  and  have  established 
a  formal  working  relationship 
with  NSA  via  a  contract,  the 
Commercial  COMSEC  Endorsement 
Program,  or  the  User  Partner¬ 
ship  Program. 


Rockwell  International  Mr.  William  Mavity 

Microelectronics  (714)833-4133 

Research  &  Dev.  Center 
4311  Jamboree  Road 
M/S  501-377 

Newport  Beach,  CA  92660 


Monolithic  Randomizers; 
Produces  a  random  binary  bit 
stream  which  is  endorsed  for 
use  in  communications  security 
equipment  that  requires  a 
randomizer  in  order  to  protect 
sensitive  U.S.  Government 
information. 


Simpact  Associates,  Inc.  Mr.  Michael  Ulrich  BULLETPROOF;  One  of  NSA's 
12007  Sunrise  Valley  Dr.  (703)758-0190  standard  embedded  COMSEC 

Reston,  VA  22091  products.  Fully  compliant 

with  NSA's  standard  DS-72; 
used  for  computer/data  key 
generator  modules  for  use  in 
computer  applications  inc¬ 
luding  link,  file  protection, 
network  communications 
security  in  host  terminals, 
workstations,  and  smart  peri¬ 
pherals.  BULLETPROOF  is  a 
highly  flexible, .asynchronous 
module  with  a  microprocessor 
style  interface,  endorsed  for 
integration  in  devices  to  be 
used  to  protect  sensitive, 
unclassified  U.S.  Government 
information. 
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POTENTIAL  CRYPTOGRAPHIC  PRODUCTS  LIST 

The  NSA  Potential  Cryptographic  Products  List  contains  the  names  of  those 
companies  and  their  respective  products  that  have  been  accepted  into  the 
Commercial  COMSEC  Endorsement  Program  (CCEP)  through  the  signing  of  a 
Memorandum  of  Understanding.  This  means  the  NSA  and  the  company  will  be 
working  together  on  the  successful  development,  evaluation,  security 
endorsement,  and  production  of  the  company's  product  under  the  terms  of  the 
CCEP.  When  a  product  achieves  NSA  security  endorsement,  it  will  then  be 
placed  on  the  NSA  Endorsed  Cryptographic  Products  List . 

Information  beyond  that  contained  in  this  list  may  be  considered  by  the 
company  to  be  proprietary.  Prospective  customers  for  these  products  are 
encouraged  to  contact  the  listed  companies  for  additional  details. 

Comments  and  corrections  regarding  the  Potential  Cryptographic  Products 
List  may  be  directed  to: 

DIRECTOR 

National  Security  Agency 

ATTN:  X51 

Ft.  George  G.  Meade,  MD  20755-6000 


COMPANY  NAME 

GENERIC  PRODUCT 

VENDOR  POC  &  NUMBER 

Allied  Signal  Corp. 

Bendix  Comm.  Div. 

1300  East  Joppa  Rd. 
Baltimore,  MD  21204 

Identification 

Friend/Foe  System 

Mr.  Richard  Gonzales 
(301)583-4497 

Allied  Signal  Corp. 

Bendix  Comm.  Div. 

1300  East  Joppa  Rd. 
Baltimore,  MD  21204 

Personal  Computer 
Communication  Link 
Encryptor 

Mr.  A1  Horning 
(301)583-4493 

Aydin  Vector  Division 

P.O.  Box  328 

Newtown,  PA  18940 

Telemetry  Encryption 
Support  Module 

Mr.  Harold  Gilje 
(215)968-4271 

Base  Ten  Systems,  Inc. 

One  Electronics  Drive 

P.O.  Box  3151 

Trenton,  NJ  0861 

Embeddable  COMSEC 

Modules  (TEPACHE 
and  TEPACHE  PRIME) 

Mr.  Jack  Kelly 
(609)586-7010 

Boeing  Aerospace 

P.O.  Box  3999 

Seattle,  WA  98124-2499 

MLS  Local  Area 

Network  with  COMSEC 

Mr.  Ken  Takeuchi 
( 206)773-0628 

General  Electric  Comp. 

P.O.  Box  8555 
Philadelphia,  PA  19101 

Embeddable  KI-37  is  Mr.  Larry  Newman 

rad-hard  space  COMSEC  (215)354-5447 

chip  set. 
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Harris  Corp. , 

Custom  Integrated 
Circuits  Div. 

P.O.  Box  883 
Melbourne,  FL  32901 

Harris  Corp. , 

1201  E.  Abington  Drive  #300 
Alexandria,  VA  22314 

Harris  Corp. , 

RF  Communications 
1680  University  Avenue 
Rochester,  NY  14610 

Hughes  Aircraft  Co., 

Ground  Systems  Group 
P.O.  Box  3310 
Fullerton,  CA  92634 

Loral  Conic 
9020  Balboa  Ave. 

San  Diego,  CA  92123 

Loral  Conic 
9020  Balboa  Ave. 

San  Diego,  CA  92123 

McDonnell  Douglas 

1801  East  St.  Andrew  Place 

Santa  Ana,  CA  02705-6520 

Microcom  Corp.,  Aerospace 
Telecommunications  Div. 
965  Thomas  Dr. 

Warminister,  PA  18974 


Monolithic 

Randomizer 


Standard  Key 
Management  Module 


Embeddable  COMSEC 
Module  (WINDSTER) 


Monolithic  Randomizer 


Secure  Pulse  Code 
Modfulation  System 
(SPMS-440) 

KG-68  Telemetry 
Support 


I  DOCS 


Support  Package  for 
KG-66  and  KGV-68 


Motorola,  Inc. 

Gov.  Electonics  Group 
8201  E.  McDowell  Rd. 
Scottsdale,  AZ  85252 

Motorola,  Inc. 

Gov.  Electronics  Group 
8201  E.  McDowell  Rd. 
Scottsdale,  AZ  85252 

Motorola,  Inc. 

Gov.  Electronics  Group 
8201  E.  McDowell  Rd. 
Scottsdale,  AZ  85252 


Embeddable  COMSEC 
Module  (WINDSTER) 


Standard  Key 
Management  Module 


Single  Chip  Key 
Generator 


Mr.  Stephen  Robillard 
( 407)729-5528 


Mr.  Jim  Wellington 
(703)739-1934 


Mr.  Chris  Fedde 
(716)244-5830 


Mr.  George  Hume 
(714)441-9987 


Mr.  Ron  Bergfors 
(619)279-0411 


Mr.  Ron  Bergfors 
(619)279-0411 


Mr.  James  Kidd 
(714)566-5912 


Mr.  Bill  Barsby 
(215)  672-6300 


Ms.  Vicki  Beseke 
(602)441-2185 


Mr.  David  Kohler 
(602)441-2756 


Mr.  Roger  Curren 
(602)732-2235 
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Secure  Computer 


Science  Applications 
International  Technology 
4224  Campus  Point  Court 
San  Diego,  CA  92121 


TRW/EPI,  Inc.  Data  Encryption 

3650  N.  Nevada  Ave.  (Embedded  KI-23) 

Colorado  Springs,  CO  80907 


Mr.  A.  L.  Dean,  Jr. 
(619)450-2288 


Mr.  John  Cramer 
(719)577-8152 


Ultron  Labs  Serial  Encryption  Unit  Mr.  John  Politis 

1601  Research  Blvd.  (301)251-4960 

Rockville,  MD 
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INTRODUCTION  TO  THE 

NSA- ENDORSED  DATA  ENCRYPTION  STANDARD  (DES)  PRODUCTS  LIST 


The  Data  Encryption  Standard  (DES)  is  a  cryptographic  algorithm 
which  NSA  formally  designated  in  1978  as  appropriate  for  protecting 
"unclassified  national  security-related  telecommunications."  The  DES 
algorithm  continues  to  be  an  acceptable  means  for  protecting  what  is 
now  defined  as  "sensitive  unclassified  U.S.  Government  or  government- 
derived  information." 

Under  the  auspices  of  the  DES  Endorsement  Program,  NSA  has 
endorsed  DES-based  telecommunications  protection  equipment  developed  by 
U.S.  manufacturers  at  their  expense  to  meet  the  general  security 
requirements  specified  by  Federal  Standard  1027.  The  DES  Endorsement 
Program  has  been  successful  in  providing  a  variety  of  DES-based 
equipment  suitable  for  data  link  encryption,  voice  radio  encryption  and 
satellite  system  protection. 

This  chapter  contains  a  technical  description  of  each  NSA- 
endorsed  DES  equipment  along  with  requisite  procurement  data.  Policies 
and  procedures  governing  DES  key  material  usage  and  ordering  are  also 
covered . 


GOVERNMENT  ENDORSED  DATA  ENCRYPTION  STANDARD  (DES)  EQUIPMENT 


THE  INFORMATION  COVERED  HERE  IS  INTENDED  TO  MAKE  YOUR  SELECTION  AND 
IMPLEMENTATION  OF  DES-BASED  COMMUNICATIONS  PROTECTION  EQUIPMENT  AS  EASY 
AS  POSSIBLE.  THE  LIST  OF  DATA  ENCRYPTION  STANDARD  (DES)  EQUIPMENTS 
ENDORSED  BY  THE  NATIONAL  SECURITY  AGENCY  AS  MEETING  FEDERAL  STANDARD 
1027  (FS-1027)  ALONG  WITH  DES  KEY  MATERIAL  ORDERING  PROCEDURES  IS 
PROVIDED  FOR  THAT  PURPOSE. 

TO  VERIFY  A  VENDOR'S  CLAIM  THAT  HIS  DES  EQUIPMENT  IS  "NS A  ENDORSED, "  WE 
RECOMMEND  THAT  YOU  ASK  THE  MARKETING  REPRESENTATIVE  FOR  A  COPY  OF  THE 
ENDORSEMENT  CERTIFICATE  THAT  NSA  PROVIDES  THE  MANUFACTURER.  THIS 
CERTIFICATE  INCLUDES  THE  NAME  AND  MODEL  NUMBER  OF  THE  VENDOR'S  ENDORSED 
DES  EQUIPMENT  AND  THE  U.S.  GOVERNMENT  ENDORSEMENT  IDENTIFICATION 
(USGEID)  NUMBER  ASSIGNED  TO  THAT  EQUIPMENT. 

THE  EQUIPMENTS  ARE  CATEGORIZED  BY  VOICE,  LOW  SPEED  (64  Kbps  or  less) , 
HIGH  SPEED  (greater  than  64  Kbps) ,  SATELLITE,  INFORMATION  STORAGE  AND 
KEY  MANAGEMENT . 

THE  NSA  DES  ENDORSEMENT  PROGRAM  OFFICIALLY  ENDED  1  JANUARY  1988.  NSA 
WILL  CONSIDER  EVALUATING  MODIFICATIONS  TO  PREVIOUSLY  ENDORSED  UNITS 
ONLY  IF  THE  PROPOSED  MODIFICATIONS  DO  AFFECT  THE  SECURITY 

FUNCTIONALITY  OF  THE  UNITS.  ANY  MODIFICATIONS  TO  ENDORSED  DES  UNITS 
MUST  BE  EVALUATED  BY  NSA  TO  MAINTAIN  THE  ENDORSEMENT. 

ENDORSED  DES  PRODUCTS  CURRENTLY  IN  INVENTORY  MAY  STILL  BE  PROCURED  AND 
APPLIED  AND  WILL  CONTINUE  TO  BE  AN  ACCEPTABLE  MEANS  OF  PROTECTING 
SENSITIVE  UNCLASSIFIED  U.S.  GOVERNMENT  INFORMATION.  NSA  WILL  CONTINUE 
TO  PROVIDE  KEY  MATERIAL  FOR  EXISTING  AND  NEW  GOVERNMENT  APPLICATIONS  OF 
ENDORSED  DES  PRODUCTS. 

NEW  TELECOMMUNICATIONS  PRODUCTS  WHICH  ARE  ENDORSED  FOR  USE  TO  PROTECT 
SENSITIVE  UNCLASSIFIED  U.S.  GOVERNMENT  INFORMATION  ARE  BEING  DEVELOPED 
UNDER  THE  NSA  COMMERCIAL  COMMUNICATIONS  SECURITY  (COMSEC)  ENDORSEMENT 
PROGRAM  (CCEP) .  SUCH  PRODUCTS  WILL  OFFER  ALTERNATIVES  TO  THE  USE  OF 
ENDORSED  DES-BASED  PRODUCTS  FOR  THIS  LEVEL  OF  PROTECTION. 

TECHNICAL  INQUIRIES  PERTAINING  TO  DES  APPLICATIONS  SHOULD  BE  DIRECTED 
TO  THE  FOLLOWING  TELEPHONE  NUMBERS: 

DES  RADIO:  (301)  859-4522 
DES  DATA  :  (301)  859-4471 


NOTE:  ANY  DES  EQUIPMENT  THAT  REQUIRES  KEY  LOADING  VIA  A  KOI-18  FILL 
DEVICE  CAN  ALSO  BE  LOADED  UTILIZING  A  GENERAL  PURPOSE  TAPE  READER, 
WHICH  IS^  NONCONTROLLED  CRYPTOGRAPHIC  ITEM  (CCI)  VERSION  OF  THE 
KOI-18. 
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NSA-PRODUCED  DES  KEY  MATERIAL  MUST  BE  USED  ONLY  IN  ENDORSED  EQUIPMENTS 
WHICH  ARE  IMPLEMENTED  IN  COMMUNICATIONS  SYSTEMS  TO  PROTECT  SENSITIVE 
UNCLASSIFIED  U.S.  GOVERNMENT  INFORMATION.  THE  FOLLOWING  INFORMATION  IS 
REQUIRED  FOR  ORDERING  NSA-PRODUCED  DES  KEY  MATERIAL  FOR  GOVERNMENT 

EQUIPMENT.  raE  LEAD  TIME  ^CESSARY  TO  PRODUCE  THE 
IS  ONE  HUNDRED  TWENTY  (120)  DAYS  OR  MORE  PRIOR  TO  THE  REOUIRED  IN- 
PLACE  DATE. 


data  required  for  ordering  DES  KEY  MATERIAL 


1.  NATURE  OF  REQUEST  (NEW  REQUIREMENT,  CHANGE  IN  REQUIREMENT,  OR 
RESUPPLY) 

2.  USE  (OPERATIONAL,  MAINTENANCE,  TRAINING,  TESTING,  OR  CONTINGENCY) 

3.  SYSTEM  DESIGNATION  AND  NETWORK  STRUCTURE 

4.  EQUIPMENT  NOMENCLATURE  TO  INCLUDE  "USGEID  NUMBER” 

5.  KEY  MANAGEMENT  APPROACH  (MANUAL,  KEY  INDEXING,  DOWN-LINE  LOADING) 

6.  KEY  LOADING  TECHNIQUE 

7.  KEY  MATERIAL  FORMAT  (PRINTED/ PUNCHED/ FLOPPY  DISKETTE) 

8.  CRYPTOPERIOD 

9.  NUMBER  OF  KEY  SEGMENTS 

10.  COPIES  PER  KEY  SEGMENT 

11.  NUMBER  OF  EDITIONS 

12.  COPIES  PER  EDITION 

13.  POINT  OF  CONTACT:  NAME,  COMPLETE  MAILING  ADDRESS,  AND  COMPLETE 
TELEPHONE  NUMBER 

14.  COMSEC  ACCOUNT  NUMBER 

15.  DESIRED  IN-PLACE  DATE 

16.  CONTROLLING  AUTHORITY 

17.  DEFENSE  COURIER  SERVICE  ADDRESS  (IF  APPLICABLE) 

ITEMS  1,2,4,11,12  AND  14  ARE  MANDATORY  ITEMS 


REQUESTS  FOR  DES  KEY  MATERIAL  FOR  U.S.  GOVERNMENT  CONTRACTORS  MUST 
INCLUDE  A  STATEMENT  CERTIFYING  THAT  THE  KEY  MATERIAL  WILL  BE  USED  TO 
SUPPORT  THE  ENCRYPTION  OF  SENSITIVE  UNCLASSIFIED  U.S.  GOVERNMENT  AND 
GOVERNMENT-DERIVED  INFORMATION  AND  THAT  IT  WILL  BE  SAFEGUARDED  AND 
CONTROLLED  IN  ACCORDANCE  WITH  NTISSI  3005. 

REQUESTS  FOR  DES  KEY  MATERIAL  SHOULD  BE  SUBMITTED  TO: 

NATIONAL  SECURITY  AGENCY 
ATTN:  Y13 

FORT  GEORGE  G.  MEADE,  MD  20755-6000 


NOTE:  Y13,  OFFICE  OF  COMSEC  PRODUCTION  AND  CONTROL,  MUST  ALSO  BE 

NOTIFIED  WHEN  THE  CRYPTONET  IS  INITIALLY  IMPLEMENTED  TO  ENSURE 
AUTOMATIC  RESUPPLY  OF  KEY  MATERIAL. 
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POINTS  OF  CONTACT  FOR  NSA  FS-1027  DBS  ENDORSED  EQUIPMENTS 


VOICE  RADIO  EQUIPMENT 

(2  vendors  in  alphabetical  order) 

1.  Mr.  Dan  Lynch 

General  Electric  Company 
1680  Mountain  View  Road 
Lynchburg,  VA  24502 
Telephone:  (804)  528-7458 


2.  Mr.  Phil  Lerner 

Motorola  Incorporated 
1701  McCormick  Drive 
handover,  MD  20785 
Telephone:  (301)  386-5000 


USGEID  NUMBER 

PAGE  NO_^ 

00000021 

2-62 

00000022 

2-62 

00000026 

2-62 

00000030 

2-63 

00000033 

2-63 

00000034 

2-63 

00000036 

2-64 

00000001 

2-51 

thru 

thru 

00000010 

2-58 

00000012 

2-59 

00000020 

2-59 

00000032 

2-63 

LOW  SPEED  DATA  EQUIPMENT 
(7  vendors  in  alphabetical  order) 

1.  Mr.  Phil  Bender 

Computer  Sciences  Corporation  00000044 

4600  Powder  Mill  Road 
Beltsville,  MD  207052 
Telephone:  (301)  572-8443 

2.  Mr.  David  Hammond 

CYLINK  00000039 

P.  O.  Box  920459 
Norcross,  GA  30092 
Telephone:  (404)  662-5627 

3.  Mr.  John  Gindling 

Datotek  00000028 

3801  Realty  Road 
Dallas,  TX  72544 
Telephone:  (214)  241-4491 

4 .  Ms  Suzanne  Harper 

Digitech  Telecommunications,  Inc.  00000045 

342  Madison  Avenue 
New  York,  NY  10173 
Telephone:  (212)  557-7230 

5.  Mr.  Frank  Dolan 

Paradyne  Corporation  00000015 

1577  Spring  Hill  Road 
Vienna,  VA  22180 
Telephone:  (703)  448-0062 
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2-16 


2-22 


2-24 


2-34 


2-4 


6. 


00000016 


2-36 


Mr.  Wayne  Braunstein 
Racal-Milgo  Incorporated 
2000  M  Street,  NW 
Washington,  DC  20036 
Telephone:  (202)  466-3940 

7.  Mr.  John  Gill 

Technical  Communications  Corporation  00000023  2-45 

100  Domino  Drive  00000027  2-43 

Concord,  MA  01742  00000040*  2-49 

Telephone:  (617)  862-6035 
*Includes  Digital  Voice  Option 


HIGH  SPEED  DATA  EQUIPMENTS 
(3  vendors  in  alphabetical  order) 

1.  Mr.  Brent  Grotz 

California  Microwave,  Incorporated 
990  Almanor  Avenue 
Sunnyvale,  CA  94086 
Telephone:  (408)  720-6571 

2 .  Mr .  David  Hammond 
CYLINK 

P.  O.  Box  920459 
Norcross,  GA  30092 
Telephone:  (404)  662-5627 

3.  Mr.  Dave  Lastrico 
Hughes  Network  Systems 
10790  Roselle  Street 
San  Diego,  CA  92121 

Telephone:  (619)  453-7007  Ext.  4301 


00000011 


00000025 

00000035 


00000013 

00000014 

00000018 


2-9 


2-20 

2-18 


2-32 

2-30 

2-28 


SATELLITE  EQUIPMENT 

(2  vendors  in  alphabetical  order) 

1.  Mr.  Keith  Dunford 

COMTEL  00000029  2-13 

P.  O.  Box  6005 

Santa  Maria,  CA  93455 

Telephone:  (805)  928-2581 

2.  Mr.  Donald  Marcopulos 

Fairchild  Communications  00000031  2-26 

&  Electronics  Co. 

Fairchild  Industries,  Incorporated 
Germantown,  MD  20874-1182 
Telephone:  (301)  428-6904 
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INFORMATION  STORAGE 


1.  Atlantic  Research  Corporation 

formerly  Systematics  General  Corporation  00000024 
Model  Number  FES- 100  (ACORN) 
has  been  discontinued. 


KEY  MANAGEMENT  SYSTEM 


1.  Mr.  Wayne  Braunstein 

Racal-Milgo  Incorporated  00000041 

2000  M  Street  NW 
Washington,  DC  20036 
Telephone:  (202)  466-3940 
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DATA  EQUIPMENT  INDEX  BY  USGEID  NUMBER 


USGEID  NUMBER 
00000011 
00000013 
00000014 
00000015 
00000016 
00000018 
00000019 
00000023 
00000024 
00000025 
00000027 
00000028 
00000029 
00000031 

00000035 

00000039 

00000040 

00000041 

00000044 

00000045 


COMPANY 

CALIFORNIA  MICROWAVE,  INC. 

HUGHES  NETWORK  SYSTEMS 
HUGHES  NETWORK  SYSTEMS 
PARADYNE  CORPORATION 
RACAL-MILGO  INCORPORATED 
HUGHES  NETWORK  SYSTEMS 
(PRODUCT  DISCONTINUED) 

TECHNICAL  COMMUNICATIONS  CORPORATION 
(PRODUCT  DISCONTINUED) 

CYLINK 

TECHNICAL  COMMUNICATIONS  CORPORATION 
DATOTEK 

COMTEL  (DIV.  OF  SPAR  AEROSPACE  LTD.) 

FAIRCHILD  COMMUNICATIONS 
&  ELECTRONICS  CO. 

CYLINK 

CYLINK 

TECHNICAL  COMMUNICATIONS  CORPORATION 
RACAL-MILGO  INCORPORATED 
COMPUTER  SCIENCES  CORPORATION 
DIGITECH  TELECOMMUNICATIONS,  INC. 
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DATA  EQUIPMENT  INDEX  BY  COMPANY 


CALIFORNIA  MICROWAVE,  INC. 

00000011 

COMPUTER  SCIENCES  CORPORATION 
00000044 

COMTEL  (DIVISION  OF  SPAR  AEROSPACE  LTD.) 
00000029 

CYLINK 

00000025 

00000035 

00000039 

DATOTEK 

00000028 

DIGITECH  TELECOMMUNICATIONS,  INC. 

00000045 

FAIRCHILD  COMMUNICATIONS  &  ELECTRONICS  CO. 
00000031 

HUGHES  NETWORK  SYSTEMS 

00000013 

00000014 

00000018 

PARADYNE  CORPORATION 
00000015 

RACAL-MILGO  INCORPORATED 
00000016 
00000041 

TECHNICAL  COMMUNICATIONS  CORPORATION 

00000023 

00000027 

00000040 
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1 


Manufacturer  Name 


CALIFORNIA  MICROWAVE,  INC. 

2 .  Manuf actur er  Address 

990  ALMANOR  AVENUE 
SUNNYVALE,  CA.  94086 

3.  United  States  Government  Endorsement  Identification  Number 
(USGEID) 

00000011 

4.  Vendor  Model  Number 

CALIFORNIA  MICROWAVE  VIDAR  5800  /  CD-5800 

5.  Vendor  Point  of  Contact 

MR.  BRENT  GROTZ,  (408)  720-6571 

6 .  Equipment  Characteristics 

THE  CD-5800  IS  A  BULK  RATE  ENCRYPTION  DEVICE  WHICH  OPERATES  AT 
SPEEDS  FROM  19.2  KILOBITS  TO  3.152  MEGABITS  AND  INTERFACES  AT 
DSl/TARIFF  270  BELL  FORMAT,  CCITT  V.35,  EIA  RS422  OR  EIA  RS232C,  AS 
EQUIPPED  WITH  OPTIONAL  PLUG-IN  UNITS  TO  THE  BASIC  CD-5800  ASSEMBLY. 

7 .  Testing 

CALL  VENDOR  FOR  INFORMATION 

8.  Alarm  and  Status  Reporting 
CALL  VENDOR  FOR  INFORMATION 

9.  Key  Management  Features /Key  Distribution 

THE  CALIFORNIA  MICROWAVE  CD-5800  REQUIRES  FOR  GOVERNMENT  KEY 
MANAGEMENT  APPLICATIONS,  A  KOI -18  AND  SPECIAL  CABLES  TO  LOAD  THE 
DES  KEY.  THE  DES  KEY  MUST  BE  ORDERED  IN  A  PUNCHED  PAPER  TAPE 
FORMAT.  THE  CD-5800  IS  SWITCH  SELECTABLE  FOR  GOVERNMENT  OR 
COMMERCIAL  MODES  OF  KEY  MANAGEMENT.  QUESTIONS  CONCERNING  THE 
SPECIAL  CABLES  FOR  THE  KOI-18  OR  KEY  MANAGEMENT  SHOULD  BE  DIRECTED 
TO  CALIFORNIA  MICROWAVE,  BRENT  GROTZ  (408)  720-6571. 

10.  Key  Loader 
KOI-18  WITH  CABLES 
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11*  Equipment  Physical  Security  Features 


CALL  VENDOR  FOR  INFORMATION 

12 .  Cost  Range 
$9,000  -  $10,000 

13 .  Availability 

CALL  VENDOR  FOR  INFORMATION 

14.  Leasing  Option 

CALL  VENDOR  FOR  INFORMATION 

15.  Equipment  Options 

CALL  VENDOR  FOR  INFORMATION 

16.  Misc.  Descriptions 

CALL  VENDOR  FOR  INFORMATION 
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1. 


Manufacturer  Name 


COMPUTER  SCIENCES  CORPORATION 

2 .  Manufacturer  Address 

4600  POWDER  MILL  ROAD 
BELTS VI LLE,  MD  20705 

3 .  United  States  Government  Endorsement  Identification  Number 
(USGEID) 

00000044 


4.  Vendor  Model  Number 
SECOM  2010 


5.  Vendor  Point  of  Contact 

SALES  &  GENERAL  INFORMATION:  PHIL  BENDER  (301)  572-8443 

TECHNICAL  INFORMATION:  DEAN  RABENSTINE  (301)  572-8716 


6.  Equipment  Characteristics 


BIT  RATE 


SIZE 

WEIGHT 

POWER 

INTERFACES 

PROTOCOLS 

ZEROIZE  FEATURE 

DIAGNOSTICS 

ENCRYPTION  MODE 
PROPAGATION  DELAY 


-  SYNCHRONOUS  UP  TO  64  KBPS 

ASYNCHRONOUS  110,  300,  600,  1200, 

2400,  4800,  9600,  19200  BPS 

-  8.5”  W,  3.69"  H,  9.25"  D 

-  LESS  THAN  7  LBS. 

-  120  VAC,  47-63  HZ,  0.05  AMPS 

-  RS-232C 

-  PROTOCOL  TRANSPARENT  (PHYSICAL  LAYER) 

-  MANUAL  AND  AUTOMATIC 

-  DES  S-BOX,  DES  CHECKWORD,  ROM  CHECKSUM, 

DISPLAY  TEST 

-  CIPHER  FEEDBACK 

-  SYNCHRONOUS  2  BITS  PER  DEVICE 
ASYNCHRONOUS  1  BIT  PER  DEVICE 


7 .  Testing 

AUTOMATIC  SELF-TEST  ON  POWER  UP,  MANUAL  TEST,  DES  S-BOX,  DES 
CHECKWORD,  KEY  PARITY,  ROM  CHECKSUM,  CONTINUOUS  INPUT/OUTPUT 
CORRELATION  DURING  SECURE  OPERATION. 


8.  Alarm  and  Status  Reporting 
EXTERNAL  ALARM  OUTPUT 

16  CHARACTER  FRONT  PANEL  STATUS  DISPLAY 
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9.  Key  Management  Features /Key  Distribution 


KEY  INDEXING  (ALSO  SEE  ITEM  16  BELOW) . 

NO  KEY  DISTRIBUTION  CAPABILITIES 

10.  Key  Loader 

HEXADECIMAL  KEY  PAD 
KOI-18  OR  EQUIVALENT 

11.  Equipment  Physical  Security  Features 

MEETS  FS  1027;  TAMPER  PROOFING,  PICK  RESISTANT  LOCKS,  INTEGRAL  REAR 
PANEL  U-BOLT. 

12 .  Cost  Range 

CALL  VENDOR  FOR  INFORMATION 

13 .  Availability 

CALL  VENDOR  FOR  INFORMATION 

14 .  Leasing  Option 
NONE  AT  PRESENT 

15.  Equipment  Options 
NONE 

16 .  Misc.  Descriptions 

UNITS  OPERATE  IN  MASTER/ SLAVE  RELATIONSHIP  ON  PHYSICAL  LINK. 

FOR  DIAL-UP  CONFIGURATIONS,  MASTER  CAN  ACCOMMODATE  UP  TO  32  SLAVES 
WITH  UNIQUE  KEY  SETS. 
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1. 


Manufacturer  Name 


COMTEL  (DIVISION  OF  SPAR  AEROSPACE  LTD.) 

2.  Manufacturer  Address 

2811  AIRPARK  DRIVE 

SANTA  MARIA,  CALIFORNIA  93455 

TEL:  (805)  928-2581 

TELEX:  467575 

FAX:  (805)  925-2540 

3 .  United  States  Government  Endorsement  Identification  Number 

(usgeidT 

00000029 

4.  Vendor  Model  Number 
CT-5000 

5*  Vendor  Point  of  Contact 

KEITH  DUNFORD  (805)  928-2581 
DIRECTOR 

MARKETING  AND  PROGRAMS 

6 .  Equipment  Characteristics 

THE  COMTEL  CT-5000  DIGITAL  ENCRYPTION  SYSTEM  PROVIDES  EFFICIENT 
ENCRYPTION/ DECRYPTION  OF  FULL  DUPLEX  DATA  LINKS  OPERATING  AT  RATES 
OF  UP  TO  64  MBPS.  THE  SINGLE  7  INCH  X  19  INCH  RACK  MOUNTED  UNIT 
WEIGHS  SOME  40  LBS  AND  IS  COMPLETELY  SELF  CONTAINED.  POWER 
CONSUMPTION  IS  LESS  THAN  100  WATTS  TOTAL  INCLUDING  INTERNAL  COOLING 
FANS.  THE  CT-5000  IS  PRIMARILY  DESIGNED  TO  PROVIDE  EFFICIENT 
ENCRYPTION  OF  TIME  DIVISION  MULTIPLE  ACCESS  (TDMA)  SATELLITE 
COMMUNICATIONS  NETWORKS.  OTHER  VERSIONS  OF  THE  CT-5000  WILL 
PROVIDE  SIMILAR  CAPABILITY  FOR  TERRESTRIAL  (MICROWAVE)  T3  DATA 
NETWORKS.  THE  COMTEL  CT-5000  STORES  MASTER  KEYS  IN  A  SOFTWARE 
CONTROLLED  QUEUE,  AND  TO  PREVENT  ACCIDENTAL  REUSE,  EACH  MASTER  KEY 
LOCATION  IS  AUTOMATICALLY  ZEROED  WHEN  A  KEY  IS  REMOVED  FROM 
STORAGE.  THE  KEYS  ARE  STORED  IN  A  LIMITED  VOLATILITY  MEMORY  WHICH 
PROTECTS  THE  STORED  KEYS  DURING  POWER  FAILURES. 

7.  Testing 

AUTOMATIC  SELF  TEST  AT  POWER-ON,  OTHER  SELF  TEST  PROCEDURES  ARE 
PROVIDED  FOR  THE  CT-5000  SYSTEM  THROUGH  THE  COMMON  SIGNALING 
CHANNEL  OF  THE  DATA  NETWORK. 
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8.  Alarm  and  Status  Reporting 


THE  CT-5000  DES  SYSTEM  PROVIDES  FRONT  PANEL  LED  STATUS  AND  ALARM 
INDICATORS  FOR:  1.  POWER  ON/OFF 

2.  BATTERY  LOW 

3.  SYNCHRONIZATION 

4.  INTRUSION 

5.  KEY  LOAD  ERROR 

6.  PARITY 

ALARM  AND  STATUS  SIGNALING  ARE  ALSO  PROVIDED  FOR  TRANSMISSION  OVER 
THE  COMMON  SIGNALING  CHANNEL  TO  A  REMOTE  CONTROL  CENTER. 

9.  Key  Management  Features/Key  Distribution 

THE  CT-5000  EMPLOYS  TWO  CLASSES  OF  KEYS: 

A)  MASTER  KEY  WHICH  IS  DISTRIBUTED  FROM  THE 
CENTRAL  NSA  SOURCE,  MAINTAINED  ON  SITE  IN  SECURE 
STORAGE . 

B)  RANDOM  SEQUENCE  SESSION  KEYS  GENERATED  BY  THE 
PRIMARY  NETWORK  REFERENCE  STATION  AND  TRANSMITTED  TO 
THE  OTHER  PARTICIPATING  NODES  VIA  THE  CRYPTO  CONTROL 
CHANNEL.  THESE  KEYS  ARE  REPLACED  AT  SHORT 
INTERVALS . 

10.  Key  Loader 

MASTER  KEYS  ARE  LOADED  INTO  THE  CT-5000  VIA  THE  ELECTRONIC 
INTERFACE  SPECIFIED  IN  PARAGRAPH  3.2. 1.2. OF  FED-STD-1027 .  THE  KEY 
LOADER  IS  A  KOI-18  USING  A  PUNCHED  PAPER  TAPE  FORMAT. 

11.  Equipment  Physical  Security  Features 

THE  CT-5000  ENCLOSURE  IS  SECURED  IN  A  STANDARD  19  INCH  RACK  MOUNT, 
WITH  ALL  REMOVABLE  HARDWARE  MADE  INACCESSIBLE  WHEN  THE  FRONT  PANEL 
IS  CLOSED  AND  LOCKED.  PICK  RESISTANT  LOCKS  ARE  USED  TO  PHYSICALLY 
SECURE  THE  FRONT  PANEL. 

12.  Cost  Range 

$25,000  PER  UNIT  NON-REDUNDANT  CONFIGURATION. 

$50,000  REDUNDANT  CONFIGURATION 

THIS  INDICATES  A  COST  OF  $100,000  PER  FULL  DUPLEX  FULLY  REDUNDANT, 
64  MBPS  (OR  T3)  DATA  LINK. 

13 .  Availability 

(ARO)  -  CURRENTLY  6  MONTHS 
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14.  Leasing  Option 
UNDER  REVIEW 

15.  Equipment  Options 
NONE 

16.  Misc.  Descriptions 
NONE 
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1 


Manufacturer  Name 


CYLINK 

2 .  Manufacturer  Address 

920  WEST  FREMONT  AVENUE 
SUNNYVALE,  CALIFORNIA  94087 

3.  United  States  Government  Endorsement  Identification  Number 
(USGEID) 

00000039 

4 •  Vendor  Model  Number 

CIDEC-LS  (LOW  SPEED  ENCRYPTOR) 

5.  Vendor  Point  of  Contact 

DAVID  HAMMOND 
(404)  662-5627 


6 .  Equipment  Characteristics 

SYNCHRONOUS  DATA  RATES  UP  TO  128  KBPS 

ASYNCHRONOUS  DATA  RATES  UP  TO  19.2  KBPS 

SELF-SYNCHRONIZING  ENCRYPTION  PROCESS 

FULL  DUPLEX,  HALF-DUPLEX,  SIMPLEX 

NON-SWITCHED,  DIAL-UP,  MULTIDROP  APPLICATIONS 

PROTOCOL  TRANSPARENT 

RS232C,  V.35,  RS422,  X.21/V.11 

220  VAC,  115  VAC,  12  WATTS 

2.5  H  8.5  W  16  D 

9  POUNDS 

MENU  DRIVEN  ATTRIBUTE  SELECTION 

7 .  Testing 

TEST  MODE  INCLUDES:  DIAGNOSTICS,  ENCRYPTION,  AND  LOOPING  TESTS 

8.  Alarm  and  Status  Reporting 

TWO  LINES  OF  20  CHARACTER  LCD  DISPLAY  USED  FOR  STATUS,  ALARM,  AND 
PROGRAMMING  MESSAGES 

KEY  LIST  STATUS  VIA  FRONT  PANEL  DISPLAY 

INTERNAL  DATE/TIME  STAMPED  ALARM  MESSAGES  (99  EVENTS) 

GENERAL  ALARM  LED  INDICATES  ACTIVE  OR  HISTORICAL  ALARM  EVENTS 
AUXILIARY  RS232  PORT  ENABLES  AN  AUDIT  OF  ALL  STATUS  AND  ALARM 
MESSAGES  FROM  THE  ENCRYPTOR 
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9.  Key  Management  Features /Key  Distribution 

IN  GOVERNMENT  MODE  USERS  LOAD  KEYS  MANUALLY  VIA  THE  KEYBOARD,  OR 
ELECTRONICALLY  USING  THE  KOI-18  KEY  LOADER.  WHEN  USING  FULL  OR 
HALF  DUPLEX  MODES  WITH  A  NONSWITCHED  LINE,  USERS  CAN  LOAD  KKs  AND 
KDs.  WHEN  USING  SIMPLEX  MODE,  THE  UNIT  AUTOMATICALLY  USES  KD  ONLY. 
MANUAL  KEY  ENTRY  OFFERS  AN  ADDITIONAL  SECURITY  FEATURE:  SPLIT  KEY 
KNOWLEDGE  (FOR  BOTH  KK  PAIRS  AND  KDs) .  THE  CIDEC-LS  CHECKS  ALL 
NEWLY  ENTERED  KEYS  AND  ACCEPTS  THEM  ONLY  IF  THEY  ARE  SUITABLE. 
CONTACT  FACTORY  FOR  FURTHER  INFORMATION. 

10.  Key  Loader 
KOI-18  KEY  LOADER 

11.  Equipment  Physical  Security  Features 

TAMPER  PROOFING,  DUAL  PICK  RESISTANT  LOCKS,  SECURE  RACK  MOUNT 

12 .  Cost  Range 

CONTACT  FACTORY  (DEPENDENT  ON  QUANTITY) 

13 .  Availability 
DELIVERY:  30  DAYS  ARO 

14.  Leasing  Option 

LEASING  AVAILABLE  (CONTACT  FACTORY) 

15 .  Equipment  Options 

SECURE  DESK-TOP  MOUNT,  RACK  MOUNTING  KIT 
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1.  Manufacturer  Name 


CYLINK 

2 .  Manufacturer  Address 

920  WEST  FREMONT  AVENUE 
SUNNYVALE,  CALIFORNIA  94087 

3.  United  States  Government  Endorsement  Identification  Number 
(USGEID) 

00000035 

4.  Vendor  Model  Number 

CIDEC-MS  (MEDIUM  SPEED  ENCRYPTOR) 

5.  Vendor  Point  of  Contact 

DAVID  HAMMOND 
(404)  662-5627 


6 .  Equipment  Characteristics 

SYNCHRONOUS  DATA  RATES  FROM  1.2  KBPS  TO  112  KBPS 
SELF-SYNCHRONIZING  ENCRYPTION  PROCESS 

FULL  DUPLEX,  POINT  TO  POINT  LINKS,  PROTOCOL  TRANSPARENT, 
INTERFACES : 

RS-232C 
CCITT  V.35 
RS-422 

MENU  DRIVEN  ATTRIBUTES 

7 .  Testing 

TEST  MODE  INCLUDES:  DIAGNOSTICS,  ENCRYPTION,  AND  LOOPING  TESTS 

8.  Alarm  and  Status  Reporting 

TWO  LINE  BY  40  CHARACTER  LCD  DISPLAY  USED  FOR  STATUS,  ALARM,  AND 
INSTRUCTIVE  MESSAGES 

KEY  LIST  STATUS  VIA  FRONT  PANEL  DISPLAY 

INTERNAL  DATE/TIME  STAMPED  ALARM  MESSAGES  (99  EVENTS) 

GENERAL  ALARM  LED  INDICATES  ACTIVE  OR  HISTORICAL  ALARM  EVENTS 
AUXILIARY  RS232  PORT  ENABLES  AN  AUDIT  OF  ALL  STATUS  AND  ALARM 
MESSAGES  FROM  THE  ENCRYPTOR 
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9.  Key  Management  Features / Key  Distribution 

KEY  VARIABLE  STORAGE  VIA  KOI-18  (INTERFACE  CABLE  AVAILABLE)  OR 
VIA  FRONT  PANEL  KEYPAD  ENTRY.  KEY  LIST  INDEXING  OVER  THE  NETWORK 
IS  ACCOMPLISHED  BY  AN  NSA-APPROVED  METHOD.  THIS  TECHNIQUE  COUPLED 
WITH  AUTOMATIC  PROGRAMMED  TIME  CHANGE  OF  THE  KEYS,  ALLOWS  FOR  MORE 
FREQUENT  KEY  CHANGES  IN  A  PRACTICAL  MANNER. 


10.  Key  Loader 

KOI-18  KEY  LOADER 


11.  Equipment  Physical  Security  Features 

TAMPER  PROOFING,  DUAL  PICK  RESISTANT  LOCKS,  SECURE  RACK  MOUNT 

12.  Cost  Range 

CONTACT  FACTORY  (DEPENDENT  ON  QUANTITY) 

13 .  Availability 

DELIVERY:  30-60  DAYS  ARO 

14 .  Leasing  Option 

LEASING  AVAILABLE  (CONTACT  FACTORY) 

15.  Equipment  Options 

STANDARD  CIDEC-MS  IS  EQUIPPED  FOR  19  INCH  RACK  MOUNT  AND  115  VAC 
OPERATION.  OPTIONAL  23  INCH  RACK  MOUNT,  220  VAC  OR  -48  VDC  AT  NO 
ADDITIONAL  CHARGE. 

16.  Misc.  Descriptions 

3.5  INCH  HEIGHT,  17  INCH  WIDTH,  17  INCH  DEPTH 
30  WATTS  APPROXIMATE  DISSIPATION 
22  POUNDS 
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1.  Manuf actur er  Name 
CYLINK 

2 .  Manufacturer  Address 

920  WEST  FREMONT  AVENUE 
SUNNYVALE,  CALIFORNIA  94087 

3.  United  States  Government  Endorsement  Identification  Number 
(USGEID) 

00000025 

4.  Vendor  Model  Number 

CIDEC-HS  (HIGH  SPEED  ENCRYPTOR) 

5.  Vendor  Point  of  Contact 

DAVID  HAMMOND 
ATLANTA,  GA 
(404)  662-5627 

6 .  Equipment  Characteristics 

SYNCHRONOUS  DATA  RATES  FROM  9.6  KBPS  TO  7 . 0  MBPS 
NO  ERROR  EXTENSION 

FULL  DUPLEX,  POINT  TO  POINT  LINKS,  PROTOCOL  TRANSPARENT  INTERFACES: 
DS2  (6-312  MBPS) 

DSl  (1.544  MBPS) 

CCITT  V.35 

RS-422,  V.ll,  G.703 (2.048MBPS) 

(1X1)  REDUNDANCY  SWITCH  CAPABILITY 
MENU  DRIVEN  ATTRIBUTES 

7 .  Testing 

TEST  MODE  INCLUDES:  DIAGNOSTICS,  ENCRYPTION,  AND  LOOPING  TESTS 

8.  Alarm  and  Status  Reporting 

TWO  LINE  BY  40  CHARACTER  LCD  DISPLAY  USED  FOR  STATUS,  ALARM,  AND 
INSTRUCTIVE  MESSAGES 

KEY  LIST  STATUS  VIA  FRONT  PANEL  DISPLAY 

INTERNAL  DATE/TIME  STAMPED  ALARM  MESSAGES  (99  EVENTS) 

GENERAL  ALARM  LED  INDICATES  ACTIVE  OR  HISTORICAL  ALARM  EVENTS 
AUXILIARY  RS232  PORT  ENABLES  AN  AUDIT  OF  ALL  STATUS  AND  ALARM 
MESSAGES  FROM  THE  ENCRYPTOR 
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9. 


Key  Management  Features /Key  Distribution 


KEY  VARIABLE  STORAGE  VIA  KOI-18  (INTERFACE  CABLE  AVAILABLE)  OR 
VIA  FRONT  PANEL  KEYPAD  ENTRY.  KEY  LIST  INDEXING  OVER  THE  NETWORK 
IS  ACCOMPLISHED  BY  AN  NSA-APPROVED  METHOD.  THIS  TECHNIQUE  COUPLED 
WITH  AUTOMATIC  PROGRAMMED  TIME  CHANGE  OF  THE  KEYS,  ALLOWS  FOR  MORE 
FREQUENT  KEY  CHANGES  IN  A  PRACTICAL  MANNER. 

10.  Key  Loader 
KOI-18  KEY  LOADER 

11.  Equipment  Physical  Security  Features 

TAMPER  PROOFING,  DUAL  PICK  RESISTANT  LOCKS,  SECURE  RACK  MOUNT 

12 .  Cost  Range 

CONTACT  FACTORY  (DEPENDENT  ON  QUANTITY) 

13 .  Availability 

DELIVERY:  30-60  DAYS  ARO 

14 .  Leasing  Option 

LEASING  AVAILABLE  (CONTACT  FACTORY) 

15.  Equipment  Options 

STANDARD  CIDEC-HS  IS  EQUIPPED  FOR  19  INCH  RACK  MOUNT  AND  115  VAC 
OPERATION.  OPTIONAL  23  INCH  RACK  MOUNT,  220  VAC  OR  -48  VDC  AT  NO 
ADDITIONAL  CHARGE. 

16.  Misc.  Descriptions 

3.5  INCH  HEIGHT,  17  INCH  WIDTH,  17  INCH  DEPTH 
50  WATTS  APPROXIMATE  DISSIPATION 
32  POUNDS 
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1 .  Manufacturer  Name 


DATOTEK 

2.  Manufacturer  Address 

3801  REALTY  ROAD 
DALLAS,  TEXAS  72544 
(214)  241-4491 

3.  United  States  Government  Endorsement  Identification  Number 
(USGEID) 

00000028 

4.  Vendor  Model  Number 
DATOTEK  CIPHERBIT  1027-13 

5.  Vendor  Point  of  Contact 

JOHN  GINDLING  (214)  241-4491 

6 .  Equipment  Characteristics 

THE  DATOTEK  CIPHERBIT  1027-13  IS  A  LINK  ENCRYPTION  DEVICE  THAT  IS 
PROTOCOL  TRANSPARENT  AND  CAN  OPERATE  IN  POINT-TO-POINT  OR 
MULTIPOINT  CIRCUITS.  THIS  EQUIPMENT  CAN  OPERATE  IN  THE  SYNCHRONOUS 
MODE  UP  TO  64  KBPS  OR  IN  THE  ASYNCHRONOUS  MODE  UP  TO  19.6  KBPS.  THE 
CIPHERBIT  1027-13  CAN  REMOTELY  CHANGE  KEYING  VARIABLES  THRU  A 
METHOD  CALLED  "KEY  INDEXING". 

7 .  Testing 

CALL  VENDOR  FOR  INFORMATION 

8.  Alarm  and  Status  Reporting 
CALL  VENDOR  FOR  INFORMATION 

9.  Key  Management  Features /Key  Distribution 

KEYS  CAN  BE  ENTERED  INTO  THE  CIPHERBIT  1027-13  EITHER  MANUALLY  OR 
VIA  A  KOI-18  OR  A  GENERAL  PURPOSE  TAPE  READER.  MANUAL  ENTRY 
REQUIRES  A  PRINTED  DES  KEY  LIST.  TO  ENTER  A  KEY  VIA  A  KOI-18  OR  A 
GENERAL  PURPOSE  TAPE  READER,  SPECIAL  CABLES  AND  A  DES  KEY  TAPE  IN 
PUNCHED  FORMAT  ARE  REQUIRED.  CABLES  CAN  BE  ORDERED  FROM  DATOTEK. 

10.  Key  Loader 

SEE  ITEM  9  ABOVE 
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11.  Equipment  Physical  Security  Features 
CALL  VENDOR  FOR  INFORMATION 

12 .  Cost  Range 

CALL  VENDOR  FOR  INFORMATION 

13 .  Availability 

CALL  VENDOR  FOR  INFORMATION 

14.  Leasing  Option 

CALL  VENDOR  FOR  INFORMATION 

15.  Equipment  Options 

CALL  VENDOR  FOR  INFORMATION 

16.  Misc.  Descriptions 

CALL  VENDOR  FOR  INFORMATION 
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1.  Manufacturer  Name 

DIGITECH  TELECOMMUNICATIONS  INC. 

2.  Manufacturer  Address 

342  MADISON  AVENUE  SUITE  2010 
NEW  YORK,  NY  10173 

3.  United  States  Government  Endorsement  Identification  Number 


00000045 


4.  Vendor  Model  Number 
LS-1027 

5.  Vendor  Point  of  Contact 

MS.  SUZANNE  HARPER  (212)  557-7230 

6.  Equipment  Characteristics 

PORTS:  2  -  EIA  RS-232C 

DATA  RATE:  TWO  UNIT  CONFIGURATIONS  - 

1.  ASYNCHRONOUS  -  UP  TO  19,200  BAUD 

2.  SYNCHRONOUS  -  UP  TO  9,600  BAUD 

PROTOCOLS:  1.  ASYNCHRONOUS  -  START /STOP 

2.  SYNCHRONOUS  -  SYNC/BISYNC 

SDLC 

X.25/HDLC 

ZEROIZE:  1.  MANUAL 

2.  AUTOMATIC 

PHYSICAL:  10.5"  W,  2.75"  H,  11.5"  D 

20  LBS 

POWER:  120  VAC 
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7 


Testing 

THE  FOLLOWING  TESTS  ARE  AVAILABLE 


1.  AUTOMATIC  SELF-TEST  ON  POWER-UP 

2.  MANUAL  TEST 

3.  LAMP/ALARM  TEST 

4.  DES  S-BOX  TEST 

5.  DES  CHECKWORD 


6.  KEY  PARITY 

7.  BATTERY-BACKED  RAM  CHECKSUM 

8.  Alarm  and  Status  Reporting 

1.  POWER  ON /OFF 

2.  BATTERY  STATUS 

3.  PARITY  CHECK 

4.  COMMAND  AND  KEY  INPUT  CHECK 

5.  VISUAL  AND  AUDIBLE  ERROR  REPORTING 

6.  TEST  MODE 

7.  INTRUSION 

9.  Key  Management  Features /Key  Distribution 
CALL  VENDOR  FOR  INFORMATION 


10.  Key  Loader 
HEXADECIMAL  KEY  PAD 

11.  Eguipment  Physical  Security  Features 
THREE  TAMPER-RESISTANT  KEY  LOCKS 

12 .  Cost  Range 

PRICED  COMPETITIVELY 

13 .  Availability 

CALL  VENDOR  FOR  INFORMATION 

14.  Leasing  Option 

CALL  VENDOR  FOR  INFORMATION 

15 .  Eguipment  Options 

DESK-TOP  UNIT,  DESIGNED  FOR  EASE  OF  USE 

16 .  Misc.  Descriptions 


CALL  VENDOR  FOR  INFORMATION 


2-25 


1. 


Manufacturer  Name 


FAIRCHILD  COMMUNICATIONS  &  ELECTRONICS  CO. 

2 .  Manuf actur er  Address 

FAIRCHILD  INDUSTRIES,  INC. 

GERMANTOWN,  MARYLAND  20874-1182 
(301)  428-6904 

3.  United  States  Government  Endorsement  Identification  Number 
(USGEID) 

00000031 

4.  Vendor  Model  Number 

FAIRCHILD  BURST  ENCRYPTION  UNIT  (BEU) 

5.  Vendor  Point  of  Contact 

MR.  DONALD  MARCOPULOS  (301)  428-6904 

6.  Equipment  Characteristics 

THE  FAIRCHILD  BURST  ENCRYPTION  UNIT  IS  DESIGNED  TO  OPERATE  IN  A 
TDMA  SATELLITE  COMMUNICATIONS  SYSTEM  IN  CONJUNCTION  WITH  THE 
AMERICAN  SATELLITE  COMPANY'S  INTEGRATED  COMMUNICATIONS  CONTROLLERS 
(ICC).  THE  BEU  PROVIDES  BULK  ENCRYPTION,  UP  TO  12.2  MBPS,  OF  USER 
VOICE  AND  DATA  CHANNELS  WHICH  HAVE  BEEN  MULTIPLIED  AND  FORMATTED  BY 
THE  ICC. 

7.  Testing 

CALL  VENDOR  FOR  INFORMATION 

8.  Alarm  and  Status  Reporting 
CALL  VENDOR  FOR  INFORMATION 

9.  Key  Management  Features /Key  Distribution 
CALL  VENDOR  FOR  INFORMATION 

10.  Key  Loader 

CALL  VENDOR  FOR  INFORMATION 
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11.  Equipment  Physical  Security  Features 


CALL  VENDOR  FOR  INFORMATION 

12 .  Cost  Range 

CALL  VENDOR  FOR  INFORMATION 

13 .  Availability 

CALL  VENDOR  FOR  INFORMATION 

14 .  Leasing  Option 

CALL  VENDOR  FOR  INFORMATION 
15 •  Equipment  Options 

CALL  VENDOR  FOR  INFORMATION 
16 .  Misc.  Descriptions 

CALL  VENDOR  FOR  INFORMATION 
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Manufacturer  Name 


HUGHES  NETWORK  SYSTEMS 

2.  Manufacturer  Address 

10790  ROSELLE  STREET 

SAN  DIEGO,  CALIFORNIA  92121 

3.  United  States  Government  Endorsement  Identification  Number 
(USGEID) 

00000018 

4.  Vendor  Model  Number 
LC76CF  DKD 

5.  Vendor  Point  of  Contact 

MR  DAVE  LASTRICO  (619)  453-7007  EXT  4301 

6 .  Equipment  Characteristics 

THE  LC76CF  DIRECT  CIPHER  KEY  DISTRIBUTION  (DKD)  IS  A  FULL  DUPLEX, 
DIGITAL  ENCRYPTION/DECRYPTION  UNIT  THAT  CAN  OPERATE  AT  DATA  RATES 
FROM  110  BPS  TO  112.5  KBPS. 

FOR  GOVERNMENT  APPLICATIONS,  THE  LC76CF  DKD  REQUIRES  A  KOI-18  KEY 
FILL  DEVICE  WITH  SPECIAL  CABLES  TO  LOAD  THE  DES  KEY.  THE  DES  KEY 
MUST  BE  ORDERED  IN  A  PUNCHED  PAPER  TAPE  FORMAT.  QUESTIONS 
CONCERNING  THE  SPECIAL  CABLES  FOR  THE  KOI-18  AND  THE  LC76CF  SHOULD 
BE  DIRECTED  TO  BOB  BERLIN  (619)  457-2574. 

MODEL  INPUT  ELEC  SYNC  POWER  DEU 

VOLTAGE  INTERFACE  FRAMING  SUPPLY  REDUNDANCY 

REDUNDANCY 


LC76CF 

115VAC 

RS-442 

GENERAL 

1  POWER 
SUPPLY 

1  CH=S INGLE 
CHANNEL 

230VAC 

V35 

2  POWER 
SUPPLIES 

2  CH  =  DUAL 
CHANNEL 

48VDC 

RS-232 

RED  = 
REDUNDANT 

THE  LC76CF 

WITH  ALL 

POSSIBLE 

CONFIGURATIONS 

IS  ENDORSED 

AS  MEETING 

FS-1027. 
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7 .  Testing 

CALL  VENDOR  FOR  INFORMATION 

8.  Alarm  and  Status  Reporting 
CALL  VENDOR  FOR  INFORMATION 

9.  Key  Management  Features /Key  Distribution 
CALL  VENDOR  FOR  INFORMATION 

10.  Key  Loader 

SEE  ITEM  NUMBER  6  ABOVE. 

11.  Eguipment  Physical  Security  Features 
CALL  VENDOR  FOR  INFORMATION 

12 .  Cost  Range 

COST  FOR  THE  LC76CF  DKD  IS  EXPECTED  TO  BE  IN  THE  $6 , 000-$8 , 000 
RANGE. 

13 •  Availability 

CALL  VENDOR  FOR  INFORMATION 

14 .  Leasing  Option 

CALL  VENDOR  FOR  INFORMATION 

15 .  Eguipment  Options 

CALL  VENDOR  FOR  INFORMATION 

16 .  Misc.  Descriptions 

CALL  VENDOR  FOR  INFORMATION 
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1.  Manufacturer  Name 


HUGHES  NETWORK  SYSTEMS 

2 .  Manufacturer  Address 

10790  ROSELLE  STREET 

SAN  DIEGO,  CALIFORNIA  92121 

3 .  United  States  Government  Endorsement  Identification  Number 
(USGEIDT 

00000014 

4.  Vendor  Model  Number 


LC76 

5.  Vendor  Point  of  Contact 

MR  DAVE  LASTRICO  (619)  453-7007  EXT  4301 

6 .  Equipment  Characteristics 

THE  LC76  IS  A  BULK  ENCRYPTION  DEVICE  WHICH  CAN  OPERATE  AT  1.544 
MBPS  OR  IT  CAN  BE  CONFIGURED  TO  OPERATE  ON  DIGITAL  DATA  STREAMS 
FROM  9600  BPS  TO  6  MBPS.  KEYING  MATERIAL  REQUIREMENTS  AND  SPECIAL 
CABLE  REQUIREMENTS  ARE  THE  SAME  AS  IN  USGEID  00000013  (PAGE  2-32) . 
THE  LC76  CAN  OPERATE  AT  VARIOUS  INPUT  VOLTAGES  -  115VAC,  230VAC, 
48VDC;  IT  CAN  OPERATE  WITH  VARIOUS  ELECTRICAL  INTERFACES  -  RS442, 
V35,  Tl;  IT  CAN  BE  EQUIPPED  WITH  ONE  OR  TWO  POWER  SUPPLIES,  IT  CAN 
BE  SINGLE  CHANNEL,  DUAL  CHANNEL,  OR  1:1  REDUNDANT 


MODEL 

INPUT 

VOLTAGE 

ELEC 

INTERFACE 

SYNC 

FRAMING 

POWER 

SUPPLY 

REDUNDANCY 

DEU 

REDUNDANCY 

LC-76 

115VAC 

RS442 

DSl 

IPS 

IDEU 

230VAC 

V3  5 

GEN 

2PS 

2DEU 

48VDC  Tl  REDUNDANT 

THE  LC76  WITH  ALL  POSSIBLE  COMBINATIONS  ABOVE  IS  ENDORSED  AS 
MEETING  FS-1027. 

7 .  Testing 

CALL  VENDOR  FOR  INFORMATION 
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8.  Alarm  and  Status  Reporting 
CALL  VENDOR  FOR  INFORMATION 

9.  Key  Management  Features/Key  Distribution 
CALL  VENDOR  FOR  INFORMATION 

10.  Key  Loader 

KEYING  MATERIAL  REQUIREMENTS  AND  SPECIAL  CABLE  REQUIREMENTS  ARE  THE 
SAME  AS  IN  USGEID  00000013  (PAGE  2-32). 

11.  Eguipment  Physical  Security  Features 
CALL  VENDOR  FOR  INFORMATION 

12.  Cost  Range 

CALL  VENDOR  FOR  INFORMATION 

13 .  Availability 

CALL  VENDOR  FOR  INFORMATION 

14 .  Leasing  Option 

CALL  VENDOR  FOR  INFORMATION 

15.  Eguipment  Options 

CALL  VENDOR  FOR  INFORMATION 

16.  Misc.  Descriptions 

CALL  VENDOR  FOR  INFORMATION 
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1.  Manufacturer  Name 


HUGHES  NETWORK  SYSTEMS 

2 .  Manufacturer  Address 

10790  ROSELLE  STREET 

SAN  DIEGO,  CALIFORNIA  92121 

3.  United  States  Government  Endorsement  Identification  Number 
(USGEID) 

00000013 

Vendor  Model  Number 
LC76A-DS1 

THE  FOLLOWING  MODELS  ARE  ENDORSED  AS  MEETING  FS-1027. 
LC76A-48VDC-T1-DS1-1PS-1DEU 
LC76A-48VDC-T1-DS1-2PS-2DEU 
LC76A-48VDC-T1-DS1-2PS-REDUNDANT 
LC76A-115VAC-T1-DS1-1PS-1DEU 
LC76A-115VAC-T1-DS1-2PS-2DEU 
LC76A-115VAC-T1-DS1-2PS-REDUNDANT 
LC76A-230VAC-T1-DS1-1PS-1DEU 
LC76A-230VAC-T1-DS1-2PS-2DEU 
LC76A-230VAC-T1-DS1-2PS-REDUNDANT 

ALL  OF  THE  ABOVE  MODELS  ARE  ASSIGNED  USGEID  00000013. 

5.  Vendor  Point  of  Contact 

MR  DAVE  LASTRICO  (619)  453-7007  EXT  4301 

6 .  Equipment  Characteristics 

THE  LC76A-DS1  WHICH  MEETS  FS-1027  IS  A  BULK  ENCRYPTION  DEVICE  WITH 
A  TWINAX  CONNECTOR  WHICH  OPERATES  AT  1.544  MBPS  IN  A  BELL  DSl  DATA 
FORMAT. 

FOR  GOVERNMENT  APPLICATIONS,  THE  LC76A-DS1  REQUIRES  A  KOI-18  KEY 
FILL  DEVICE  WITH  SPECIAL  CABLES  TO  LOAD  THE  DES  KEY.  THE  DES  KEY 
MUST  BE  ORDERED  IN  A  PUNCHED  PAPER  TAPE  FORMAT. 

7 .  Testing 


CALL  VENDOR  FOR  INFORMATION 

8.  Alarm  and  Status  Reporting 
CALL  VENDOR  FOR  INFORMATION 
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9.  Key  Management  Features /Key  Distribution 
CALL  VENDOR  FOR  INFORMATION 

10.  Key  Loader 

SEE  ITEM  6  ABOVE:  QUESTIONS  CONCERNING  THE  SPECIAL  CABLES  FOR  THE 
KOI-18  SHOULD  BE  DIRECTED  TO  KEN  COHEN  (619)  457-2340 

11.  Equipment  Physical  Security  Features 
CALL  VENDOR  FOR  INFORMATION 

12 .  Cost  Range 

COST  FOR  THE  LC76A-DS1  IS  EXPECTED  TO  BE  IN  THE  $9 , 000-$10 , 000 
RANGE . 

13.  Availability 

CALL  VENDOR  FOR  INFORMATION 

14.  Leasing  Option 

CALL  VENDOR  FOR  INFORMATION 

15.  Equipment  Options 

CALL  VENDOR  FOR  INFORMATION 

16.  Misc.  Descriptions 

CALL  VENDOR  FOR  INFORMATION 
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1.  Manufacturer  Name 


PARADYNE  CORPORATION 

2.  Manufacturer  Address 

8550  ULiMERTON  ROAD 
LARGO,  FLORIDA  34641-3893 

3.  United  States  Government  Endorsement  Identification  Numbe^ 

(usgeTd) 

00000015 

4*  Vendor  Model  Number 

INFOLOCK  MODEL  2811-13 

5*  Vendor  Point  of  Contact 

MR.  FRANK  DOLAN 
PARADYNE  CORPORATION 
1577  SPRING  HILL  ROAD 
VIENNA,  VIRGINIA  22180 
(703)  448-0062 

6.  Equipment  Characteristics 

BIT  RATE : SYNCHRONOUS  -  UP  TO  64  KBPS  (CFB  8) 

-  UP  TO  9.6  KBPS  (CFB  1) 

ASYNCHRONOUS-  50,  75,  110,  134.5,  150,  300,  600,  1200, 

2400,  3600,  4800,  7200,  9600,  19,200  BPS 


SIZE:  3.5''H  X  8.5"W  X  17"L 
WEIGHT;  21LBS 

POWER:  100,  120,  220,  240  VAC;  47-62  HZ;  40  WATTS 
INTERFACE:  RS-232C 

PROTOCOLS:  ALL  (OPERATION  INDEPENDENT  OF  LINK  PROTOCOL) 

ZEROIZE:  MANUAL  FROM  FRONT  PANEL;  AUTOMATIC  IF  TAMPERING  DETECTED 
WITH  OR  WITHOUT  AC  POWER 

DIAGNOSTICS:  AUTOMATIC  INTERNAL  CHECKS,  CONTINUOUS  SELF  TESTS, 
DIAGNOSTIC  TESTS,  INDICATORS 


7 .  Testing 

LINK  TEST,  INTERNAL  ALARMS  TEST,  UNIT  FUNCTIONAL  TEST,  LAMP, 
DISPLAY  AND  ANNUNCIATOR  TEST,  LOCAL  CIPHER  TEXT  LOOPBACK  TEST, 
INPUT-OUTPUT  COMPARATOR  TEST 
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8.  Alarm  and  Status  Reporting 

EXTERNAL  ALARM  OUTPUT,  REMOTE  ALARM  REPORTING,  ERROR  INDICATION 

9.  Key  Management  Features / Key  Distribution 
KEY  INDEXING,  DIAL  KEY  MANAGEMENT 

10.  Key  Loader 

INFOLOCK  LOADS  KEYS  EITHER  MANUALLY  VIA  A  FRONT  PANEL  KEYPAD  (FROM 
A  KEY  LIST)  OR  FROM  PAPER  TAPE  USING  A  KOI-18.  THE  KOI-18  IS 
CONNECTED  VIA  A  CABLE  THAT  CAN  BE  ORDERED  FROM  PARADYNE. 

11.  Equipment  Physical  Security  Features 

INFOLOCK  MEETS  THE  PHYSICAL  SECURITY  REQUIREMENTS  OF  FED-STD  1027. 
THE  INFOLOCK  CASE  IS  STEEL.  ACCESS  TO  THE  INTERNAL  CHASSIS  CAN  ONLY 
BE  OBTAINED  BY  REMOVING  THE  FRONT  PANEL  WHICH  IS  PROTECTED  BY  A 
STEEL  DOOR.  THE  STEEL  DOOR,  AS  WELL  AS  ACCESS  TO  THE  KEYPAD 
FUNCTIONS,  IS  PROTECTED  BY  PICK  RESISTANT  LOCKS.  THE  REAR  PANEL 
HAS  AN  INTEGRAL  U-BOLT  FOR  SECURING  THE  ENCRYPTOR  AGAINST  PHYSICAL 
REMOVAL. 

12 .  Cost  Range 

PRICE  OF  INFOLOCK  MODEL  2811-13  IS  $1400  (QTY.  1) 

QUANTITY  DISCOUNTS  AVAILABLE 

13 .  Availability 

AVAILABLE  FROM  STOCK.  (ORDER  "INFOLOCK  MODEL  2811-13") 

14 .  Leasing  Option 
AVAILABLE 

15.  Eguipment  Options 
NONE 

16.  Misc.  Descriptions 

PRESET  CONFIGURATIONS:  INSTALLATION  IS  GREATLY  SIMPLIFIED  BY 
PRESET  CONFIGURATIONS.  MOST  COMMON  NETWORK  CONFIGURATIONS  ARE 
INCLUDED  (SYNCHRONOUS/ ASYNCHRONOUS;  DIAL-UP/LEASED  LINE; 

MASTER/ SLAVE ;  MULTIPOINT/POINT-TO-POINT,  ETC.).  UNIT  CAN  BE  FULLY 
CONFIGURED  SIMPLY  BY  PRESSING  THE  PRESET  KEY  FOLLOWED  BY  THE  NUMBER 
OF  THE  DESIRED  CONFIGURATION 
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1.  Manufacturer  Name 


RACAL-MILGO 

2 .  Manufacturer  Address 

1601  NORTH  HARRISON  PARKWAY 
SUNRISE,  FLORIDA  33323 

3.  United  States  Governmenjt  Endorsement  Identification  Number 
(USGEID) 

00000016 


4.  Vendor  Model  Number 

DC64-1027,  10-02A00(RS232C) ,  10-02A01 (V. 35) ,  10-02A02 (V. 11) . 


5.  Vendor  Point  of  Contact 


WAYNE  E.  BRAUNSTEIN,  (202)  466-3940 


6. 


Equipment  Characteristics 


BIT  RATE 

SIZE 

WEIGHT 

POWER 

INTERFACES 

PROTOCOLS 

ZEROIZE  FEATURE  - 

DIAGNOSTICS 


PROPAGATION  DELAY- 
RTS/CTS 


UP  TO  19.2  KBPS  ASYNCHRONOUS 
UP  TO  64  KBPS  SYNCHRONOUS 
2.7''H  X  8.0"W  X  16.2''D 
8  LBS 

100-240  VAC,  47-65  HZ,  19  WATTS 

RS232C,  V.35,  V.ll 

PROTOCOL  TRANSPARENT 

MANUAL  AND  AUTOMATIC 

DES  S-BOX/CHECKWORD,  PARITY  CHECK 

CIPHER  TEXT  INHIBIT,  LOOP  BACK  TEST, 

ROM/RAM  TEST,  LINK/KEYS  TEST,  MEMORY 

TEST,  CIPHER  TEXT  MONITOR,  UNATTENDED 

REMOTE  DIAGNOSTICS 

3  BITS  PER  DEVICE  (SYNCHRONOUS) 

1.5  BITS  PER  DEVICE  (ASYNCHRONOUS) 

56  DATA  BITS  MAX  (SYNCHRONOUS) 

50  DATA  BITS  MAX  (ASYNCHRONOUS) 


7 .  Testing 

AUTOMATIC  SELF  TESTING  UPON  POWER  UP,  MANUAL  UNATTENDED 
REMOTE  TESTING 
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8.  Alarm  and  Status  Reporting 

LED  ALARM  INDICATION  AND  RELAY  CONTACT  LOCATED  ON  UNIT. 

ALARM  REPORTING  INCLUDES:  INADVERTENT  TRANSMISSION  OF 
PLAIN  TEXT,  KEY  PARITY  ERROR,  LOSS  OF  MEMORY  DUE  TO  PHYSICAL 
TAMPERING,  FAILURE  OF  INTERNAL  ENCRYPTION/ DECRYPTION , 

PHYSICAL  FAILURE  OF  LOCKS,  AND  POWER  FAILURE  (ACTIVATES 

RELAY  CONTACT  ONLY) .  STATUS  OF  KEY  VARIABLES,  MODE  OF  OPERATION, 

ETC.  REPORT  STATUS  AVAILABLE  FROM  THE  CENTRAL  SITE  ENCRYPTOR. 

9.  Key  Management  Features/Key  Distribution 

A.  TWO  KEY  SYSTEM 

DOWNLINE  LOADING  OF  KDs  FROM  CENTRAL  TO  REMOTE  AS  PER 
ANSI  X9.17  (MANUAL  OR  PRE-TIMED) 

KEY  INDEXING  OF  KKs  (MANUAL  OR  PRE-TIMED) 

KDs  AND  KKs  STORED  IN  CENTRAL  SITE  ENCRYPTOR,  KKs 
ONLY  IN  REMOTE  SITE  ENCRYPTORS 

B.  ONE  KEY  SYSTEM  (FOR  DIAL-UP  APPLICATIONS) 

KEY  INDEXING  OF  KD ' S  (MANUAL  OR  PRE-TIMED) 

C.  KEY  ENTRY  WITH  KEY  LOADER-1027,  KOI-18,  OR  GENERAL 
PURPOSE  TAPE  READER  (GPTR) . 

KEY  LOADER-1027  REQUIRES  PRINTED  TAPE,  KOI-18  AND  GPTR  REQUIRES 
PUNCHED  PAPER  TAPE 

10 .  Key  Loader 

THE  KEY  LOADER-1027  (USGEID  NUMBER  00000016)  IS  AVAILABLE 
FOR  KEY  VARIABLE  ENTRY  USING  PRINTED  PAPER  TAPE. 


11.  Eguipment  Physical  Security  Features 

MEETS  PHYSICAL  SECURITY  REQUIREMENTS  OF  FED  STD  1027. 
TWO  PICK  RESISTANT  LOCKS 

WRAPAROUND  (PROBE-PROOF)  METAL  ENCLOSURE 

AUTOMATIC  ERASURE  OF  KEY  VARIABLES  UPON  FORCED  ENTRY  OR 
MANUAL  ZEROIZATION 

AUDIBLE  ALARM  REPORTING  CAPABILITY 
SECURE  DESK  TOP  MOUNTING  ASSEMBLY 

12 .  Cost  Range 

COMMERICAL  PRICING  STARTING  AT  $1,900.00,  GSA  PRICING 
AVAILABLE 
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13 .  Availability 


1  TO  2  WEEKS  AFTER  RECEIPT  OF  ORDER 

14.  Leasing  Option 

12,  24,  36,  60  MONTH  LEASES  AVAILABLE 

15.  Equipment  Options 

KEY  LOADER-1027,  SECURE  DESK-TOP  MOUNT,  ADAPTOR  CABLE  FOR 
KOI-18,  GPTR,  RACK-MOUNTING  KIT 

16 .  Misc.  Descriptions 

THE  RACAL-MILGO  DATACRYPTOR  64-1027  IS  A  LINK  ENCRYPTION 
DEVICE  THAT  CAN  OPERATE  UP  TO  64  KBPS  SYNCHRONOUS  AND  UP  TO  19.2 
KBPS  ASYNCHRONOUS  IN  POINT-TO-POINT  AND  MULTIPOINT  ENVIRONMENTS. 

THE  DC64-1027  ENCRYPTS  DATA  IN  SINGLE-BIT  CIPHER  FEEDBACK  MODE  UP 
TO  64  KBPS  FOR  PROTOCOL  TRANSPARENT  OPERATION  AND  AUTOMATIC 
RESYNCHRONIZATION. 

THE  DC64-1027  OFFERS  AN  NSA  APPROVED  METHOD  OF  KEY  MANAGEMENT  USING 
A  TWO  KEY  SYSTEM  OF  KEY  ENCRYPTING  KEYS  (KKs)  AND  DATA  ENCRYPTING 
KEYS  (KDs) .  THIS  METHOD  USES  DOWNLINE  LOADING  OF  (KDs)  TO 
ELECTRONICALLY  SEND  KDs  FROM  CENTRAL  TO  REMOTE  SITE  UNITS  IN 
ACCORDANCE  WITH  THE  PROTOCOLS  SPECIFIED  IN  ANSI  X9.17  KEY 
MANAGEMENT  STANDARD.  KEY  INDEXING  IS  USED  TO  INDEX  (ADVANCE)  THE 
KKs  IN  THE  UNIT'S  KK  LIST.  THE  CENTRAL  SITE  DC64-1027  CAN  ACCEPT 
BOTH  KDs  AND  KKs  WHILE  THE  REMOTE  UNIT  ONLY  REQUIRES  THE  KKs.  KEY 
INDEXING  AND  DOWNLINE  LOADING  CAN  BE  PERFORMED  MANUALLY  BY  THE 
OPERATOR  OR  PROGRAMMED  FOR  AUTOMATIC  (TIMED)  OPERATION. 

FOR  DIAL-UP  APPLICATIONS,  A  ONE  KEY  SYSTEM  CAN  BE  USED.  ALL  UNITS 
CAN  BE  LOADED  WITH  KDs  AND  CONFIGURED  AS  CENTRAL  SITE  UNITS.  KEY 
INDEXING  CAN  BE  USED  TO  INDEX  (ADVANCE)  THE  KD  LIST  AT  EACH  SITE  ON 
AN  AUTOMATIC  (TIMED)  BASIS. 

KEY  VARIABLES  MAY  BE  ENTERED  INTO  THE  DC64-1027  VIA  A  KOI-18 
OR  GENERAL  PURPOSE  TAPE  READER  USING  PUNCHED  PAPER  TAPE.  KEY 
VARIABLES  MAY  ALSO  BE  ENTERED  VIA  HAND-HELD  KEY  LOADER- 102 7  USING 
PRINTED  PAPER  TAPE.  TO  ENTER  KEYS  VIA  KOI-18  OR  GENERAL  PURPOSE 
TAPE  READER  REQUIRES  A  SPECIAL  CABLE  (SUPPLIED  BY  RACAL-MILGO)  AND 
PUNCHED  DES  KEY  TAPE. 

COST  FOR  THE  DC64-1027  STARTS  AT  $1,900.00.  GSA  PRICING  IS 
AVAILABLE.  THE  RACAL-MILGO  DATACRYPTOR  II  MODEL  1027  AND  THE 
DATACRYPTOR  64-1027  ARE  ASSIGNED  USGEID  00000016. 
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1.  Manufacturer  Name 


RACAL-MILGO 

2.  Manufacturer  Address 

1601  NORTH  HARRISON  PARKWAY 
SUNRISE,  FLORIDA  33323 

3 .  United  States  Government  Endorsement  Identification  Number 
(USGEIPy 

00000041 


4 .  Vendor  Model  Number 

RACAL-MILGO  DATACRYPTOR  1027  KEY  MANAGEMENT  CENTER 


10-02A30 

10-02A31 

10-02A32 

10-02A50 

10-02A70 

10-02A71 

10-02A100 

10-02A101 


(DC64-1027C,  RS232C  link  encryptor) 
(DC64-1027C,  V.35  link  encryptor) 
(DC64-1027C,  V.ll  link  encryptor) 
(DC64-1027KC  encryptor) 

(Software  Package,  non  X.25  version) 
(Software  Package,  X.25  version) 

(PC  and  related  hardware,  non  X.25  version) 
(PC  and  related  hardware,  X.25  version) 


5.  Vendor  Point  of  Contact 


WAYNE  E.  BRAUNSTEIN,  (202)  466-3940 


6.  Equipment  Characteristics 
DC64-1027C  and  DC64-1027KC 


Bit  Rate 


Size 

Weight 

Power 

Interfaces 

Protocols 
Zeroize  Feature 
Diagnostics 


Encryption  Mode 


-  Up  to  19.2Kbps  Asynchronous  (DC64-1027C  only) 
Up  to  64Kbps  Synchronous  (DC64-1027C  only) 
9.6Kbps  Async  (DC64-1027KC  only) 

-  2.7"H  X  8.0"W  X  16.2"D 

-  8  lbs. 

-  100-240VAC,  47-65HZ,  19  Watts 

-  RS232C,  V.35  (DC64-1027C  only),  V.ll  (DC64- 
1027  only) 

-  Protocol  Transparent 

-  Manual  and  Automatic 

-  DES  S-box/checkword,  parity  check,  cipher 
text  inhibit,  loopback  test,  ROM/RAM  test, 
link/keys  test,  memory  test,  cipher  text 
monitor,  and  unattended  remote  diagnostics. 

-  Link  Encryption,  Cipher  Feedback  up 
to  64Kbps  (DC64-1027C  only) 
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Key  Center  PC 


Centralized  Network  and  Key  Management  Facility  for  Point  to  Point, 
Multidrop,  and  Dial-Up  Crypto  Networks. 

Sophisticated  Database 
High  Speed,  20  MHZ  Performance 
Multi-tasking  Transaction  Processing 
Audit  Trail 

Menu-driven  User  Interface 
2Mb  Memory  and  60Mb  Hard  Disk 
Color  Display  Monitor 
500  Watts  Standby  Power  System 

Hard  Copy  Event  Logging,  Report  Generation,  and 
Label  Printing  via  external  printers. 

X.25  Network  Adapter  Card  (X.25  networks  only) 

7 .  Testing 

The  Datacryptor  1027  Key  Management  Center  allows  all  testing 
functions  to  be  performed  from  a  single  location.  These  functions 
include  Key  Verification,  Operating  Mode  Verification,  and 
Diagnostics  Testing. 

8.  Alarm  and  Status  Reporting 

All  cryptographic  alarms,  error  messages,  key  changes,  operating 
mode  changes,  diagnostics  testing  results,  and  other  significant 
events  are  reported  to  the  Datacryptor  1027  Key  Management  Center. 
These  events  are  automatically  logged  into  the  Key  Center's 
database  and  externally  printed  for  hard  copy  retrieval.  An 
optional  backup  Key  Center  can  maintain  a  duplicate  database  and 
record  all  events  reported  from  the  primary  Key  Center  for  disaster 
recovery  purposes. 

9.  Key  Management  Features/Key  Distribution 

The  Datacryptor  1027  Key  Management  Center  offers  centralized  key 
management/distribution  for  the  entire  crypto  network.  Key 
management  includes  ANSI  X9.17  Key  Distribution  plus  an  extension 
of  ANSI  X9 . 17  referred  to  as  Racal-Milgo  Key  Transfer.  Key 
distribution  techniques  such  as  key  indexing  and  downline  loading 
can  be  initiated  manually  by  the  Key  Center  operator  or  programmed 
for  automatic,  pre-timed  operation.  Key  verifications,  key 
changes,  key  translations,  and  key  zeroization  functions  can  all  be 
performed  from  one  central  location. 

10.  Key  Loader 

All  keying  material  is  supplied  by  NSA  in  paper  tape  and  floppy 
disk  form.  Floppy  disks  contain  encrypted  Data  Encrypting  Keys 
(KDs)  and  "first  layer"  Key  Encrypting  Keys  (KKs)  which  are 
encrypted  under  Facility  Keys  (KCs) .  Paper  tapes  contain 
unencrypted  KKCs  ("second  layer"  Key  Encrypting  Keys)  and  KCs.  The 
KDs  and  KKs  are  distributed  electronically  from  the  Key  Center 
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while  KKCs  are  distributed  manually  via  KOI-18,  General  Purpose 
Tape  Reader,  or  Key  Loader-1027.  The  KCs  are  loaded  from  paper 
tape  into  the  DC64-1027KC  unit  which  is  attached  to  the  Key 
Center ' s  PC . 

Contact  vendor  for  key  storage  capabilities  of  the  Key  Management 
Center  system  components. 

11.  Equipment  Physical  Security  Features 

DC64-1027C  and  DC64-1027KC 


Two  pick  resistant  locks 

Wraparound  (probe-proof)  metal  enclosure 

Automatic  zeroization  (erasure)  of  key  variables  upon  forced 
entry  and  manual  zeroization  by  the  operator. 

Audible  alarm  reporting  capability 

Secure  desk  top  mounting  assembly  (optional) 

Key  Center  PC 

Two  Level  User  Authorization 
User  Name  and  Password  Protection 

Lockout  on  Maximum  Failed  Logon  Attempts  (user  defined) 

Physical  Lock  Access  Control 
Optional  Secure  Mounting  (Anchor  Pad) 

12.  Cost  Range 
Contact  Vendor 

13.  Availability  (after  receipt  of  equipment  order) 

Contact  Vendor 

14 .  Leasing  Option 
Contact  Vendor 

15 .  Equipment  Options 
Backup  Key  Center 

40  Mb  Backup  Tape  Drive  for  Key  Center  PC 

Anchor  Pad  Computer  Security  System  for  Key  Center  PC 

Desk  Top  Mounting  Assembly  for  DC64-1027KC  or  C  encryptors 

Rack  Mount  Assembly  for  DC64-1027/c  encryptors 

Interface  Cable  for  KOI-18  or  General  Purpose  Tape  Reader 

Key  Loader-1027  for  external  key  variable  entry  from  printed  tape 
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16.  Misc.  Descriptions 


The  Racal-Milgo  Datacryptor  1027  Key  Management  Center  provides 
Network  and  Key  Management  for  an  entire  network  of  Datacryptor 
encryption  devices.  Key  Center  hardware  components  consist  of  a 
customized  Personal  Computer,  two  Printers,  and  a  Datacryptor  64- 
1027KC.  The  PC  stores  all  information  pertaining  to  the  crypto 
network  such  as  key  variables,  unit  addresses,  unit  serial  numbers, 
alarm  and  error  messages,  and  other  significant  information.  The 
printers  provide  continuous  event  logging,  hard  copy  report 
generation,  and  label  printing.  The  DC64-1027KC  performs  all  the 
cryptographic  functions  for  the  Key  Center  and  is  a  peripheral 
device  to  the  PC. 

Datacryptor  64-1027C's  are  used  for  encryption/decryption  of  user 
data  on  a  link  by  link  basis.  A  central  site  DC64-1027C 
communicates  with  the  Key  Center  to  perform  downline  loading  and 
key  indexing  functions  through  commands  from  the  Key  Center.  A 
typical  cryptographic  service  message  flow  is  Key  Center  to  central 
site  DC64-1027C  to  remote  site  DC64-1027C. 
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1. 


Manufacturer  Name 


TECHNICAL  COMMUNICATIONS  CORPORATION 

2.  Manufacturer  Address 

100  DOMINO  DRIVE 
CONCORD,  MA  01742 
(617)  862-6035 

3 .  United  States  Government  Endorsement  Identification  Number 
(USG^D) 

00000027 

4.  Vendor  Model  Number 
CIPHER  X  5000-1027-X. 25 

5.  Vendor  Point  of  Contact 

JOHN  GILL  (617)  862-6035 

6 .  Equipment  Characteristics 

THE  TCC  CIPHER  X  5000-1027  X.25  PROVIDES  END-TO-END  ENCRYPTION 
THROUGH  AN  X.25  PUBLIC  OR  PRIVATE  DATA  NETWORK.  THE  CIPHER  X  5000- 
1027  X.25  PROVIDES  SECURITY  IN  A  NETWORK-TRANSPARENT  MANNER  BY 
ENCRYPTING  ONLY  THE  USER  DATA  PORTION  OF  EACH  PACKET  AND  ALLOWING 
THE  REMAINING  CONTROL  FIELDS  TO  PASS  IN  THE  CLEAR.  THE  CIPHER  X 
5000-1027  X.25  CAN  OPERATE  AT  LINE  SPEEDS  UP  TO  9600  BPS  AND  IS 
ABLE  TO  SUPPORT  UP  TO  127  SIMULTANEOUS  SWITCHED  VIRTUAL  CIRCUITS. 
INDIVIDUAL  CIRCUITS  CAN  BE  ASSIGNED  PLAIN  OR  CIPHER  MODE  BASED  ON 
NETWORK  ADDRESS.  THE  STANDARD  INTERFACE  IS  RS-232C. 

7 .  Testing 

THE  CIPHER  X  5000  X.25  RUNS  THE  FOLLOWING  TESTS  AUTOMATICALLY  ON 
POWER  UP:  S-BOX,  CHECKWORD,  KEY  PARITY  CHECK,  CIPHER  TEXT  INHIBIT, 
CONTROL  FIELD  RECOGNITION,  KEYFAIL,  ROM/ RAM,  AND  LAMP.  EACH  TEST 
CAN  ALSO  BE  INITIATED  MANUALLY. 

8.  Alarm  and  Status  Reporting 

A  FAILURE  ON  THESE  TESTS,  OR  A  KEY  MANAGEMENT  OR  OPERATION  ERROR, 
WILL  PRODUCE  A  VISIBLE  ALARM  INDICATION  AND  INHIBIT  USE  UNTIL  THE 
ALARM  IS  CLEARED  WITH  A  PICK  RESISTANT  KEYLOCK. 
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THE  CIPHER  X  5000-1027  X.25  SUPPORTS  AN  EXPANDED  KEY  DATABASE. 
THESE  KEYS  CAN  BE  CHANGED  THROUGH  THE  FRONT  PANEL  SELECTION  OF  A 
KEY  INDEX.  FOR  THE  CIPHER  X  5000-1027  X.25,  NSA  HAS  APPROVED  THE 
MANUAL  AND  AUTOMATIC  KEY  INDEXING  METHOD  WHERE  THE  KEY  INDEX  IS 
SENT  TO  THE  REMOTE  CIPHER  X  5000  X.25  AS  PART  OF  AN  ENCRYPTION 
HEADER.  THE  HEADER  IS  MACED  PER  ANSI  X9 . 9  TO  ASSURE  ITS 
INTEGRITY.  BATTERY  BACKUP  RETAINS  KEYS  WITHOUT  AC  POWER  FOR  UP  TO 
THREE  YEARS. 


10 .  Key  Loader 

KEYING  VARIABLES  ARE  LOADED  VIA  A  KOI-18  OR  OTHER  APPROVED  DES  KEY 
LOADER.  THE  KOI-18  TO  CIPHER  X  5000-1027  X.25  INTERFACE  CABLE  MAY 
BE  ORDERED  FROM  TCC. 

Equipment  Physical  Security  Features 

THE  CIPHER  X  5000  X.25  FEATURES  A  STEEL  ENCLOSURE  WITH  NO  VENT 
HOLES  AND  DUAL  PICK  RESISTANT  LOCKS.  THE  ENCLOSURE  HAS  A  SECURE 
ANTI-THEFT  MOUNTING.  CONTACT  THE  VENDOR  FOR  FURTHER  INFORMATION. 

12 .  Cost  Range 

THE  GSA  SCHEDULE  PRICE  FOR  THE  CIPHER  X  5000-1027  X.25  LINK 
ENCRYPTOR  IS  $2,995  UNDER  GSA  CONTRACT  GS00K86AGS0508 . 

13 .  Availability 

THE  CIPHER  X  5000  X.25  IS  AVAILABLE  FROM  STOCK. 

14 .  Leasing  Option 

ARRANGEMENTS  MADE  ON  A  CASE-BY-CASE  BASIS. 


Options 


THE  CIPHER  X  5000  X.25  USES  AN  EXTERNAL  POWER  SUPPLY  AVAILABLE  AT 
120  OR  240  VOLTS,  50-60  HZ.  A  RACK  MOUNT  KIT  FOR  A  19"  RACK  IS 
AVAILABLE  AS  AN  OPTION. 


16.  Misc.  Descriptions 

POWER  CONSUMPTION  IS  15  WATTS  INCLUDING  THE  EXTERNAL  POWER  SUPPLY. 
OPERATING  TEMPERATURE  RANGE  IS  0  TO  +50  DEGREES  C. 
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1.  Manuf actur er  Name 

TECHNICAL  COMMUNICATIONS  CORPORATION 

2 .  Manuf actur er  Address 

100  DOMINO  DRIVE 
CONCORD,  MA  01742 
(617)  862-6035 

3 .  United  States  Government  Endorsement  Identification  Number 
(USGEID) 

00000023 

4.  Vendor  Model  Number 
CIPHER  X  5000-1027 


5.  Vendor  Point  of  Contact 

JOHN  GILL  (617)  862-6035 

6 .  Equipment  Characteristics 

THE  TCC  CIPHER  X  5000-1027  IS  A  LINK  ENCRYPTION  DEVICE  THAT  IS 
PROTOCOL  TRANSPARENT  AND  CAN  OPERATE  IN  A  POINT-TO-POINT  OR 
MULTIPOINT  ENVIRONMENT.  THE  CIPHER  X  5000-1027  CAN  OPERATE  IN  A 
SYNCHRONOUS  OR  ASYNCHRONOUS  MODE,  HALF  OR  FULL  DUPLEX,  UP  TO  9600 
BPS.  THE  STANDARD  INTERFACE  IS  RS-232C. 

7 .  Testing 

THE  CIPHER  X  5000-1027  RUNS  THE  FOLLOWING  TESTS  AUTOMATICALLY  ON 
POWERUP:  S-BOX,  CHECKWORD,  KEY  PARITY  CHECK,  CIPHER  TEXT  INHIBIT, 

CONTROL  FIELD  RECOGNITION,  KEYFAIL,  ROM/RAM,  AND  LAMP.  EACH  TEST 
CAN  ALSO  BE  INITIATED  MANUALLY. 

8.  Alarm  and  Status  Reporting 

A  FAILURE  ON  THESE  TEST,  OR  A  KEY  MANAGEMENT  OR  OPERATION  ERROR, 
WILL  PRODUCE  A  VISIBLE  ALARM  INDICATION  AND  INHIBIT  USE  OF  THE 
EQUIPMENT  UNTIL  THE  ALARM  IS  CLEARED  WITH  A  PICK  RESISTANT  KEYLOCK. 
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9-  Key  Management  Features /Key  Distribution 


THE  CIPHER  X  5000-1027  SUPPORTS  AN  EXPANDED  KEY  DATABASE.  THESE 
KEYS  CAN  BE  CHANGED  THROUGH  THE  FRONT  PANEL  SELECTION  OF  A  KEY 
INDEX.  FOR  THE  CIPHER  X  5000-1027,  NSA  HAS  APPROVED  THE  MANUAL  AND 
AUTOMATIC  KEY  INDEXING  METHOD  WHERE  THE  KEY  INDEX  IS  SENT  TO  THE 
REMOTE  CIPHER  X  5000-1027  AS  PART  OF  AN  ENCRYPTION  HEADER.  THE 
HEADER  IS  MACED  PER  ANSI  X9 . 9  TO  ASSURE  ITS  INTEGRITY.  BATTERY 
BACKUP  RETAINS  KEYS  WITHOUT  AC  POWER  FOR  UP  TO  THREE  YEARS. 

10 .  Key  Loader 

KEY  VARIABLES  ARE  LOADED  VIA  A  KOI-18  OR  OTHER  APPROVED  DES  KEY 
LOADER.  THE  KOI-18-TO-CIPHER  X  5000-1027  INTERFACE  CABLE  MAY  BE 
ORDERED  FROM  TCC. 


11.  Equipment  Physical  Security  Features 

THE  CIPHER  X  5000-1027  FEATURES  A  STEEL  ENCLOSURE  WITH  NO  VENT 
HOLES  AND  DUAL  PICK  RESISTANT  LOCKS.  THE  ENCLOSURE  HAS  A  SECURE 
ANTI-TAMPER  MOUNTING.  CONTACT  THE  VENDOR  FOR  FURTHER  INFORMATION. 

12 .  Cost  Range 

THE  GSA  SCHEDULE  PRICE  FOR  THE  CIPHER  X  5000-1027  LINK  ENCRYPTOR  IS 
$2,195  UNDER  GSA  CONTRACT  GS00K86AGS0508 . 

13 .  Availability 

THE  CIPHER  X  5000-1027  IS  AVAILABLE  FROM  STOCK. 

14 .  Leasing  Option 

ARRANGEMENTS  MADE  ON  A  CASE-BY-CASE  BASIS. 

15 .  Equipment  Options 

THE  CIPHER  X  5000-1027  USES  AN  EXTERNAL  POWER  SUPPLY  AVAILABLE  AT 
120  OR  240  VOLTS,  50-60  HZ.  A  RACK  MOUNT  KIT  FOR  A  19"  RACK  IS 
AVAILABLE  AS  AN  OPTION. 

16.  Misc.  Descriptions 

POWER  CONSUMPTION  IS  15  WATTS  INCLUDING  THE  EXTERNAL  POWER  SUPPLY. 
OPERATING  TEMPERATURE  RANGE  IS  0  TO  +50  DEGREES  C. 
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1. 


Manufacturer  Name 


TECHNICAL  COMMUNICATIONS  CORPORATION 

2.  Manufacturer  Address 

100  DOMINO  DRIVE 
CONCORD,  MA  01742 
(617)  862-6035 

3 .  United  States  Government  Endorsement  Identif ication  Number 

(usgeidT 

00000023 

4.  Vendor  Model  Number 

SYNC  64  CIPHER  X  5000-1027 

5.  Vendor  Point  of  Contact 
JOHN  GILL  (617)  862-6035 

6.  Equipment  Characteristics 

THE  TCC  SYNC  64  CIPHER  X  5000-1027  IS  A  SYNCHRONOUS  LINK  ENCRYPTION 
DEVICE  THAT  IS  PROTOCOL  TRANSPARENT  AND  CAN  OPERATE  IN  A  POINT-TO- 
POINT  OR  A  MULTIPOINT  ENVIRONMENT,  HALF  OR  FULL  DUPLEX,  AT  DATA 
RATES  UP  TO  64  KBPS.  THE  STANDARD  INTERFACE  IS  RS-232C.  CONTACT 
THE  MANUFACTURER  FOR  OTHER  INTERFACE  OPTIONS. 

7 .  Testing 

THE  SYNC  64  CIPHER  X  5000-1027  RUNS  THE  FOLLOWING  TESTS 
AUTOMATICALLY  ON  POWER  UP:  S-BOX,  CHECKWORD,  KEY  PARITY  CHECK, 
CIPHER  TEXT  INHIBIT,  CONTROL  FIELD  RECOGNITION,  KEYFAIL,  ROM/RAM, 
AND  LAMP.  THESE  TESTS  CAN  ALSO  BE  INITIATED  MANUALLY. 

8.  Alarm  and  Status  Reporting 

A  FAILURE  ON  THESE  TESTS,  OR  A  KEY  MANAGEMENT  OR  OPERATION  ERROR, 
WILL  PRODUCE  A  VISIBLE  ALARM  INDICATION  AND  INHIBIT  EQUIPMENT  USE 
UNTIL  THE  ALARM  IS  CLEARED  WITH  A  PICK  RESISTANT  KEYLOCK. 
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9.  Key  Management  Features /Key  Distribution 


THE  SYNC  64  CIPHER  X  5000-1027  SUPPORTS  SEVERAL  KEY  MANAGEMENT 
OPTIONS.  THE  KEYS  CAN  BE  CHANGED  THROUGH  THE  FRONT  PANEL  SELECTION 
OF  A  KEY  INDEX.  DOWNLINE  KEY  INDEXING  OR  DOWNLINE  KEY  LOADING  IS 
ALSO  AVAILABLE  FOR  THIS  OPERATION.  A  KEY  INDEX  OR  AN  ENCRYPTED 
DATA  KEY  IS  SENT  VIA  THE  NETWORK  TO  THE  REMOTE  SYNC  64  CIPHER  X 
5000-1027  AS  PART  OF  A  CRYPTOGRAPHIC  SERVICE  MESSAGE.  THE  MESSAGE 
IS  MACED  PER  ANSI  X9 . 9  TO  ASSURE  ITS  INTEGRITY.  BATTERY  BACKUP 
RETAINS  KEYS  WITHOUT  AC  POWER  FOR  UP  TO  THREE  YEARS. 

10.  Key  Loader 

KEY  VARIABLES  ARE  LOADED  VIA  KOI-18  OR  OTHER  APPROVED  DES  KEY 
LOADER.  THE  KOI-18-TO-SYNC  64  CIPHER  X  5000-1027  INTERFACE  CABLE 
MAY  BE  ORDERED  FROM  TCC. 

11.  Equipment  Physical  Security  Features 

THE  SYNC  64  CIPHER  X  5000-1027  FEATURES  A  STEEL  ENCLOSURE  WITH  NO 
VENT  HOLES  AND  DUAL  PICK  RESISTANT  LOCKS.  THE  ENCLOSURE  HAS  A 
SECURE  ANTI-THEFT  MOUNTING.  CONTACT  THE  VENDOR  FOR  FURTHER 
INFORMATION. 

12 .  Cost  Range 

CONTACT  MANUFACTURER  FOR  INFORMATION 

13 .  Availability 

CONTACT  MANUFACTURER  FOR  INFORMATION 

14 .  Leasing  Option 

ARRANGEMENTS  MADE  ON  A  CASE-BY-CASE  BASIS. 

15 .  Equipment  Options 

THE  SYNC  64  CIPHER  X  5000-1027  USES  AN  EXTERNAL  POWER  SUPPLY 
AVAILABLE  AT  120  OR  240  VOLTS,  50-60  HZ.  A  RACK  MOUNT  KIT  FOR  A 
19”  RACK  IS  AVAILABLE  AS  AN  OPTION. 

16 .  Misc.  Descriptions 

POWER  CONSUMPTION  IS  15  WATTS  INCLUDING  THE  EXTERNAL  POWER  SUPPLY. 
OPERATING  TEMPERATURE  RANGE  IS  0  TO  +50  DEGREES  C. 
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Manufacturer  Name 


TECHNICAL  COMMUNICATION  CORPORATION 

Manufacturer  Address 

100  DOMINO  DRIVE 
CONCORD,  MA  01742 
(617)  862-6035 

United  States  Government  Endorsement  Identification  Number 

(usgeidT 

00000040 

Vendor  Model  Number 
CSD  3324A-1027 
Vendor  Point  of  Contact 
JOHN  GILL  (617)  862-6035 
Equipment  Characteristics 

THE  TCC  CSD  3324A-1027  IS  A  DIGITAL  VOICE  AND  DATA  ENCRYPTION 
DEVICE  WHICH  ENSURES  THE  PRIVACY  OF  INFORMATION  TRANSMITTED  OVER  A 
STANDARD  FULL-DUPLEX  VOICE-GRADE  COMMUNICATIONS  CHANNEL.  THE  UNIT 
IS  A  COMPLETE  SYSTEM  COMBINING  A  FULL-DUPLEX  LPC  VOICE  DIGITIZER, 
CIPHER  UNIT,  CONTROL  CIRCUITS  AND  MODEM  IN  A  SINGLE  COMPLETE 
PACKAGE.  THE  STANDARD  CONFIGURATION  FOR  TELEPHONE  USE  INCLUDES  THE 
TCC  SECURE  PHONE  FOR  DIRECT  CONNECTION  TO  THE  PSTN.  THE  CSD  3324A 
MAY  ALSO  BE  INTERFACED  TO  SATELLITE  CHANNELS  OR  MOBILE  TELEPHONE. 
THE  STANDARD  DATA  INTERFACE  SUPPORTS  RS-232C  FOR  TERMINAL,  FAX,  OR 
TELETYPEWRITER  COMMUNICATIONS. 

Testing 

THE  TCC  CSD  3324A  RUNS  THE  FOLLOWING  TESTS  AUTOMATICALLY  ON  POWER 
UP:  S-BOX,  CHECKWORD,  KEY  PARITY  CHECK,  CIPHER  TEXT  INHIBIT, 

CONTROL  FIELD  RECOGNITION,  KEYFAIL,  ROM/RAM,  AND  LAMP.  THESE  TESTS 
CAN  ALSO  BE  INITIATED  MANUALLY.  IN  ADDITION,  A  SELF-LOOPBACK  TEST 
MAY  BE  MANUALLY  INITIATED. 

Alarm  and  Status  Reporting 

A  FAILURE  ON  THESE  TESTS,  OR  A  KEY  MANAGEMENT  OR  OPERATION  ERROR, 
WILL  PRODUCE  A  VISABLE  ALARM  INDICATION  AND  INHIBIT  USE  OF  THE 
EQUIPMENT  UNTIL  THE  ALARM  IS  CLEARED. 


9.  Key  Management  Features /Key  Distribution 


THE  CSD  3324A  UTILIZES  A  KEY  DATABASE.  THESE  KEYS  CAN  BE  CHANGED 
THROUGH  THE  FRONT  PANEL  SELECTION  OF  A  KEY  INDEX.  DURING  THE  "GO 
SECURE"  HANDSHAKE  PROCEDURE,  THE  KEY  INDEX  IS  SENT  TO  THE  REMOTE 
CSD  3324A  AS  PART  OF  AN  ENCRYPTION  HEADER.  THE  HEADER  IS  MACED 
PER  ANSI  X9.9  TO  ASSURE  ITS  INTEGRITY.  BATTERY  BACKUP  RETAINS  KEYS 
WITHOUT  AC  POWER  FOR  UP  TO  THREE  YEARS. 

10 .  Key  Loader 

KEY  VARIABLES  FOR  THE  FS-1027  VERSION  ARE  LOADED  VIA  A  KOI- 18  OR 
OTHER  APPROVED  DES  KEY  LOADER.  THE  KOI-18-TO-CSD  3324A  INTERFACE 
CABLE  MAY  BE  ORDERED  FROM  TCC. 

11.  Equipment  Physical  Security  Features 

THE  CSD  3324A  MEETS  FED  STD  1027  PHYSICAL  SECURITY  REQUIREMENTS. 

IT  FEATURES  A  STEEL  ENCLOSURE  WITH  NO  VENT  HOLES  AND  DUAL  PICK 
RESISTANT  LOCKS.  THE  ENCLOSURE  HAS  A  SECURE  ANTI-THEFT  MOUNTING. 
CONTACT  THE  VENDOR  FOR  FURTHER  INFORMATION. 

12 .  Cost  Range 

THE  GSA  SCHEDULE  FOR  THE  CSD  3324A-1027  NARROWBAND  DIGITAL  VOICE  OR 
DATA  ENCRYPTOR  IS  $11,930  UNDER  GSA  CONTRACT  GS00K86AGS0508 . 

13 .  Availability 

THE  CSD  3324A  IS  AVAILABLE  FROM  STOCK. 

14.  Leasing  Option 

ARRANGEMENTS  MADE  ON  A  CASE-BY-CASE  BASIS, 

15.  Equipment  Options 

THE  CSD  3324A  USES  AN  EXTERNAL  POWER  SUPPLY  WHICH  OPERATES  FROM 
90-260  VAC,  50-60  HZ.  OPTIONALLY,  A  DC  POWER  SUPPLY  MAY  BE  ORDERED 
AT  12,  24,  OR  48  VDC.  A  RACK  MOUNT  KIT  FOR  A  19"  RACK  IS  ALSO 
AVAILABLE  AS  AN  OPTION. 

16 .  Misc.  Descriptions 

POWER  CONSUMPTION  IS  LESS  THAN  20  WATTS  INCLUDING  THE  EXTERNAL 
POWER  SUPPLY.  OPERATING  TEMPERATURE  RANGE  IS  0  TO  +50  DEGREES  C. 
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DES  Voice  Equipment 

Endorsed  by  the  NSA  as  Meeting  Federal  Standard  1027 

1.  The  Motorola  DES  Key  Variable  Loader  (KVL),  T3020-X,  does  not 
support  the  new  Motorola  DES-XL  Module  and  is  no  longer  in 
production.  The  new  replacement  DES  KVL,  T3011,  will  support  both 
the  old  DES  Modules  and  DES-XL  Modules.  Contact  Motorola  for 
pricing  information  on  the  new  DES-XL  KVL  Model  T3011. 

The  new  Motorola  DES-XL  KVL,  T3011,  and  the  old  Motorola 
DES  Key  Loader,  T3020-X  are  identified  as  United  States  Government 
Endorsement  Identification  Number  (USGEID)  00000001*. 


2.  Motorola  DES  Handheld  Radios  (MX-300  series  with  individual 
channel  elements). 


H23AXU1120_N 
H23AXU1160_N 
H23AXU3120_N 
H23AXU3140_N 
H23AXU3160  N 


H24AXU1120-N 
H24AXU1140_N 
H24AXU1160_N 
H24AXU1180_N 
H24AXU3120_N 
H24AXU3140_N 
H24AXU3160_N 
H24AXU3180  N 


H33AXU1120  N 

H43AXU1120_ 

N 

This  item 

has 

H33AXU1160  N 

has  been  discon 

H33AXU3120  N 

H43AXU3120 

N 

ued  by  Motorola 

H33AXU3140  N 

H43AXU3140‘ 

effective 

H33AXU3160_N 

1  January 

1984. 

H34AXU1120  N 

H44AXU1120 

N 

H34AXU1140  N 

H44AXU1140' 

N 

H34AXU1160  N 

H44AXU1160' 

N 

H34AXU1190  N 

H44AXU1180' 

N 

H34AXU3120  N 

H44AXU3120' 

N 

H34AXU3140  N 

H44AXU3140' 

N 

H34AXU3160  N 

H44AXU3160' 

N 

H34AXU3180  N 

H44AXU3180' 

N 

The  handheld  radios  must  have  been  purchased  with  the  H388  Option. 
The  DES  Module,  ordered  under  the  H388  Option,  replaces  the 
Motorola  proprietary  DVP  Module.  This  product  will  not  support 
the  new  Motorola  DES-XL  Module. 

The  Motorola  MX-300  DES  Handheld  Radios  are  Identified  as 
USGEID  00000002. 


*  Every  DES  equipment  that  NSA  endorses  is  identified  by  the 
term  "DSGEID"  and  an  eight  digit  code.  This  equipment  designator 
shall  be  permanently  affixed  to  the  equipment  by  the  manufacturer 
and  be  readily  visible  to  the  purchaser  at  the  time  of  purchase. 
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3.  Motorola  DES  Mobile  Radios 


T43TXA1200_K 
T43TXA1D00_K 
T43TXA1J00_K 
T43TXA3200_K 
T43TXA3D00_K 
T43TXA3J00  K 


T83TXA1200_K 
T83TXA1D00_K 
T83TXA1J00_K 
T83TXA3200_K 
T83TXA3D00_K 
T83TXA3J00  K 


This  item  has 
been  discontin  - 
ued  by  Motorola 
effective 
31  March  1986. 


T34TXA1200_K 
T34TXA1D00_K 
T34TXA1J00_K 
T34TXA3200_K 
T34TXA3D00_K 
T34TXA3J00  K 


T44TXA1200_K 
T44TXA1D00_K 
T44TXA1J00_K 
T44TXA3200_K 
T44TXA3D00_K 
T44TXA3J00  K 


T74TXA1200_K 
T74TXA1D00_K 
T74TXA1J00_K 
T74TXA3200_K 
T74TXA3D00_K 
T74TXA3J00  K 


Motorola  DES  Mobile  Radios  must  have  been  purchased  with  the  W388 
Option  and  the  W391  Security  Option.  This  product  will  not  support 
the  new  Motorola  DES-XL  Module. 


The  Motorola  DES  Mobile  Radios  are  identified  as  USGEID  00000003. 


4.  Motorola  DES  Base  Stations/Fixed  Repeaters 


C53RXB1106 

_T 

C73RXB1106  T 

C53RXB3106  T 

C73RXB3106  T 

C53RXB1126‘ 

C73RXB1126 

C53RXB3126 

C73RXB3126 

C53RXB1196 

C73RXB1196 

C53RXB3196 

C73RXB3196 

C34RXB1106 

_T 

C64RXB1106  T 

C34RXB3106  T 

C64RXB3106  T 

C34RXB1126‘ 

C64RXB1126 

C34RXB3126 

C64RXB3126 

C34RXB1196 

C64RXB1196 

C34RXB3196 

C64RXB3196 

B84RXB1106 

SP 

B84RXB1106' 

TSP 

B84RXB3106" 

SP 

B84RXB3106' 

TSP 

B93RXB1106 

TSP 

B93RXB3106  TSP 

B93RXB1126SP 

B93RXB3126SP 

B93RXB1196SP 

B93RXB3196SP 

The  Motorola  DES  Base  Stations  must  be  purchased  with  the  Option  C388 
(old  DES  Module),  or  Option  C795  (DES-XL  Module),  C557  Security  Option, 
and  the  TLN2477  Cabinet  Security  Kit,  the  TLN2478  Cabinet  Security  Kit  or 
the  TRN5669  Cabinet  Security  Kit. 

The  DES  Module,  ordered  under  the  C388  Option  is  provided  at  no  extra 
charge,  contact  Motorola  for  pricing  information  on  the  DES-XL  Option 
C795.  The  C557  Security  Option  costs  $9.42.  The  TLN2477  Cabinet  Security 
Kit  costs  $216.75.  The  TLN2478  Cabinet  Security  Kit  costs  $216.75.  The 
TRN5669  Cabinet  Security  Kit  costs  $59.50. 

The  Motorola  DES  Base  Stations/Fixed  Repeaters  range  in  cost  from 
$7,000.00  for  the  C53RXBll66  T  to  $8,500.00  for  the  C64RXB3196  T. 
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Motorola  has  modified  versions  of  standard  100  watt  DES  MICOR  Base  and 
repeater  stations,  which  provide  for  the  Interconnection  of  base  stations 
or  repeaters  to  the  Telephone  Network  using  the  Microprocessor  Radio- 
Telephone  Interface  (MRTI)  Telephone  Patch.  The  SP75,  SP76,  and  SP77 
Stations  are  Encode/Decode  type  containing  all  the  standard  control 
functions  plus  the  MRTI. 

The  stations  types  are  as  follows: 

-  SP75  Encode/Decode  Repeater  with  Wireline  Control 

-  SP76  Encode/Decode  Repeater  with  Monitor  Receiver 

-  SP77  Encode/Decode  Base  Station 

The  Motorola  DES  Base  Station/Fixed  Repeater  is  identified 
as  USGEID  00000004. 

5.  Motorola  Synthesized  DES  Handheld  Radios  (MX-300-S, 

PX-300-S) 

MX-300-S 

H23SXU1140_N/H99SX  +  OOIH  H24SXU1140_N/H99SX  +  OlOH 

H23SXU3140_N/H99SX  +  002H  H24SXU3140_N/H99SX  +  OllH 

H33SXU1140_N/H99SX  +  004H  H34SXU1140_N/H99SX  +  013H 

H33SXU3140_N/H99SX  +  005H  H34SXU3140_N/H99SX  +  014H 

H43SXU1140_N/H99SX  +  007H  H44SXU1140_N/H99SX  +  016H 

H43SXU3140_N/H99SX  +  008H  H44SXU3140_N/H99SX  +  017H 

PX-300-S 

P1334_X  P1336_X  P1599 

P1335_X  P1337_X 

P1338_X  P1340_X 

P1339_X  P1341_X 

P1346_X  P1348_X 

P1347_X  P1349_X 

P1351_X  P1353_X 

P1352_X  P1354_X 

P1560AX  P1350AX 

The  Motorola  Synthesized  DES  Handheld  radios  must  be  purchased  with  Option 
H388  (old  DES  Module)  or  with  Option  H795  (DES-XL  Module).  The  DES 
Module,  ordered  under  the  H388  Option  costs  $425.00  (UHF  and  VHF)  at  time 
of  ordering  the  radio.  For  pricing  information  on  Option  H795,  DES-XL, 
contact  Motorola. 

The  Motorola  Synthesized  DES  Handheld  radios  range  in  cost  from  $2,750.00 
for  the  H23SXU1140_N/H99SX  +  OOIH  to  $3,250.00  for  the 
H44SXU3140  N/H99SX  +  017H. 
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The  MX-300-R  is  the  exact  same  radio  as  the  MX-300-S  except  that  it  has  a 
housing  that  meets  Mil-Spec-810C .  The  cost  of  this  Mil-Spec-810C  housing 
is  $206.00.  Request  Option  "H499"  if  the  ruggedized  housing  is  desired. 

The  Motorola  Portable  DBS  Base  Station,  P1350AX  is  a  two-way  FM  radio  that 
incorporates  the  radio  chassis  components  of  two  MX-  300-S  portable  radios 
(one  for  transmit,  the  other  for  receive)  interfaced  to  a  control  panel  in 
a  self-contained  unit  housed  in  an  aluminum  suitcase.  The  station 
utilizes  a  power  amplifier  that  is  capable  of  providing  up  to  30  watts  of 
power  for  long  range  communications,  or  can  draw  as  low  as  one  watt  to 
conserve  power  and  transmit  over  shorter  distances. 

The  Motorola  Portable  DBS  Receiver  Station,  P1599,  is  similar  to  the 
Motorola  Portable  DBS  Base  Station  except  that  there  is  no  transmit 
capability,  only  receive. 

For  pricing  information  on  the  Motorola  Portable  DBS  Receiver  Station  and 
Portable  DBS  Base  Station,  contact  Motorola. 


The  PX-300-S  ranges  in  cost  from  $3,212.00  for  the  P1334_X  to 
$3,749.00  for  the  P1354_X.  There  is  no  additional  charge  for  DBS. 

The  Motorola  DBS  MX-300-S,  MX-300-R,  PX-300-S,  P1350AX,  and  P1599  are 
identified  as  USGBID  00000005. 

6.  Motorola  DBS  SYNTOR-X  Mobile  Radio 

VHF  DBS  SYNTOR-X  Radio 

T43VXJ7204_K/T99VX  +  004W  T73VXJ7204_K/T99VX  +  007W 

T43VXJ7D04_K/T99VX  +  005W  T7 3VXJ7D04_K/T99VX  +  008W 

T43VXJ7J04_K/T99VX  +  006W  T73VXJ7 J04_K/T99VX  +  009W 

UHF  DBS  SYNTOR-X  Radio 

T74VXJ7204_K/T99VX  +  016W 

T74VXJ7D04_K/T99VX  +  017W 

T74VXJ7J04_K/T99VX  +  018W 

T64VXJ7204_K/T99VX  +  013W 

T64VXJ7D04_K/T99VX  +  014W 

T64VXJ7J04_K/T99VX  +  015W 

T34VXJ7204_K/T99VX  +  OlOW 

T34VXJ7D04_K/T99VX  +  OllW 

T34VXJ7J04_K/T99VX  +  012W 

Low  Band  DBS  SYNTOR-X 

T71VXJ7204_K/T99VX  +  OOlW 

T71VXJ7D04_K/T99VX  +  002W 

T71VXJ7J04  K/T99VX  +  003W 
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DES  SYNTOR-X  9000 
Low  Band 

T71KXJ704AK/T99KX  +  035W 
VHP 

T43KXJ7J04AK/T99KX  +  036W 
T73KXJ7J04AK/T99KX  +  037W 

UHF 

T34KXJ7J04AK/T99KX  +  038W 
T64KXJ7J04AK/T99KX  +  039W 
T74KXJ7J04AK/T99KX  +  040W 


DES  SYNTOR-X  9000E  Trunked 

T45FXJ7J04AK/T99FX  +  051W  800  MHz  Trunked  high  power 
T35FXJ7J04AK/T99FX  +  052W  800  MHz  Trunked  low  power 

DES  SYNTOR-X  9000E  UHF 

T74FXJ7J04BK/T99FX  +  050W 


The  Motorola  Low  Band  DES  SYNTOR-X  Mobile  Radio  operates  in  the  33-50  Mhz 
low  band  range.  Prices  range  from  $2,840.00  for  the 

T71VXJ7204_K/T99VX  +  OOlW  to  $2,951.00  for  the  T71VXJ7 J04_K/T99VX  +  003W. 

Motorola  DES  SYNTOR-X  Mobile  Radios  must  be  purchased  with  Option  W388 
(old  DES  Module)  or  Option  W795  (DES-XL),  and  the  W391  Security  Option. 

The  DES  Module,  ordered  under  the  W388  Option,  costs  $425.00,  at  time  of 
ordering  the  radio.  Contact  Motorola  for  pricing  information  on  Option 
W795  DES-XL.  The  W391  Security  Option,  which  protects  the  DES  and  related 
electronics  in  a  lockable  security  enclosure,  costs  $153.35.  Option 
W303AFSP  is  a  dual  code  DES  equipped  SYNTOR  X.  For  pricing  information  on 
this  option  contact  Motorola. 


The  Motorola  VHF  DES  SYNTOR-X  Mobile  Radios  range  in  cost  from  $2,380.00 
for  the  T43VXJ7204_K/T99VX  +  004W  to  $2,951.00  for  the 
T73VXJ7J04_K/T99VX  +  009W. 


The  Motorola  UHF  DES  SYNTOR-X  Mobile  Radio  range  in  cost  from  $2,480.00 
for  the  T34VXJ7204_K/T99VX  +  OlOW  to  $3,171.00  for  the 
T74VXJ7J04_K/T99VX  +  018W. 


The  Motorola  DES  SYNTOR-X  9000E,  UHF  version  encompasses  the  UHF  range 
(406-420  MHZ) . 


For  pricing  information  on  the  Motorola  DES  SYNTOR-X  9000,  9000E  and  9000E 
(UHF)  version,  contact  your  Motorola  representative. 
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The  Motorola  DES  SYNTOR-X,  SYNTOR-X  9000  and  SYNTOR-X  9000E  and  9000E 
(UHF)  version  Mobile  Radios  are  assigned  USGEID  00000006. 

Motorola  DES  9000  Consolette  Base  Station  Radio  Package. 

L35FXB5174AMSP09/L99KX  +  155L 
L35KXB7174AMSP09/L99KX  +  156L 
L64FXB5170AMSP09/L99KX  +  445L 
L64KXB7170AMSP09/L99KX  +  446L 
L64FXB5174AMSP09/L99KX  +  445L 
L64KXB7174AMSP09/L99KX  +  446L 
L44FXB5174AMSP09/L99KX  +  345L 
L44KXB7174AMSP09/L99KX  +  346L 
L63KXB7174AMSP09/L99KX  +  436L 

The  Motorola  DES  9000  Consolette  Station  Radio  Package  is  a  SYNTOR-X 
9000/9000E  Mobile  Radio  mounted  intact  within  a  desktop  style  cabinet  and 
mated  to  an  appropriately  sized  AC  to  DC  power  supply  also  mounted  in  the 
cabinet . 

For  pricing  information  on  the  Consolette  Base  Station  Radio  Package, 
contact  Motorola. 

The  Motorola  DES  9000  Consolette  Base  Station  Radio  Package  is  identified 
as  USGEID  00000006. 

7.  Motorola  MX-300  DES  "Midband"  Handheld  Radio 

H32AXU1120_NSP  H42AXU1120_NSP 

H32AXU1140_NSP  H42AXU3120_NSP 

H32AXU3120_NSP 
H32AXU3140_NSP 

The  Motorola  MX-300  DES  "Midband"  Handheld  Radio  must  be  purchased  with 
Option  H388  (old  DES  Module)  or  Option  H795,  (DES-XL).  The  H388  DES 
Module,  which  replaces  the  Motorola  proprietary  DVP  algorithm,  costs 
$500.00.  Contact  Motorola  for  pricing  information  on  Option  H795  DES-XL. 

The  Motorola  MX-300  DES  "Midband"  Handheld  radios  are  identifiedas  USGEID 
Number  00000007. 

8.  Motorola  DES  Coded/Clear  Portable  Repeater 

P43SXS1180_T 

P43SXS3180_T 

P44SXS1180_T 

P44SXS3180_T 

P42SXS1180_TSP 

P42SXS3180_TSP 

The  Motorola  DES  Coded/Clear  Portable  Repeater  must  be  purchased  with 
Option  H388  (old  DES  Module)  which  is  provided  at  no  extra  cost,  or  Option 
H795  (DES-XL)  and  the  PLN-6809A  Security  Option  which  costs  $265.00. 
Contact  Motorola  for  pricing  information  on  Option  H795,  DES-XL. 
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The  Portable  Repeater  ranges  in  cost  from  $8,000.00  to  $11,000.00. 


Motorola  also  builds  a  "clear/transparent"  portable  repeater  which  cannot 
be  modified  for  DBS  operation.  These  equipments  are  identified  as 
P43SYS1180_T,  P43SYS3180_T,  P44SYS1180_T  and  the  P44SYS3180_T.  These 
''clear/transparent''  Portable  Repeaters  do  not  require  FS-1027,  NSA 
Endorsement . 

The  Motorola  DES  Coded/Clear  Portable  Repeater  is  Identified  as  USGEID 
00000008. 


9. 


Motorola 

DES  Console 

Interface  Unit  (CIU) 

Q2209CA 

Q2209CE 

Q2209CJ 

The  DES  CIU  has  been 

replaced 

Q2209CB 

Q2209CF 

Q2209CK 

by  Motorola  with  the 

DES 

Q2209CC 

Q2209CG 

Q2209CL 

Series  II  CIU  listed 

below. 

Q2209CD 

Q2209CH 

Q2209CM 

Motorola 

DES  Series 

II  CIU 

T5007AX 

The  Motorola  DES  CIUs  must  be  purchased  with  the  C388AA  Option,  the  C557AA 
or  the  C557AB  Security  Anti-Tamper  Option, and  either  the  TLN2477A,  the 
TLN2478A,  the  TRN5669A,  or  the  TRN5670A  Cabinet  Security  Kit  Option 
depending  upon  the  cabinet  size  or  configuration.  Only  the  Series  II  CIU 
is  capable  of  supporting  the  new  DES-XL  Module,  which  is  Option  C795. 
Option  SP701  is  the  Trunking  feature  to  the  Series  II  CIU  that  has  been 
endorsed.  Option  C103ABSP,  is  the  translator,  conventional-to-trunked 
feature  that  has  also  been  endorsed.  For  pricing  information  on  both 
options,  contact  Motorola.  Also  contact  Motorola  for  pricing  information 
on  Option  C795. 


The  DES  Module,  ordered  under  Option  C388AA  (old  DES  Module),  is  provided 
at  no  additional  cost.  The  Security-Anti  Tamper  Option  costs  $77.25.  The 
TLN2477A  Cabinet  Security  Kit  costs  $216.75  each,  the  TLN2478A  Cabinet 
Security  Kit  costs  $216.75  the  TRN5669A  Cabinet  Security  Kit  costs  $59.50. 
The  Motorola  DES  Series  II  CIU  costs  $3,451.00. 

The  Motorola  DES  Console  Interface  Unit  plus  the  options  mentioned  above, 
are  identified  as  USGEID  00000009. 

10.  Motorola  DES  Spectra-TAC  Comparator 

Q2208C 

Motorola  DES  Comparator 
Q2605 
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The  Motorola  DES  Spectra-TAC  Comparator  and  Q2605  DES  Comparator  must  be 
purchased  with  the  C388ABSP  Option,  the  C557ACSP  Security  Anti-Tamper 
Option  and  either  TLN2477A,  the  TLN2478A,  the  TRN5669A  or  the  TRN5670A 
Cabinet  Security  Kit  Option  depending  upon  the  cabinet  size  or 
configuration. 

The  Motorola  Q2605  DES  Comparator  has  a  hardware  kit  added  for  remote 
connections  to  a  phone  patch  device  for  signalling  purposes. 

The  DES  Module,  ordered  under  the  C388ABSP  Option,  is  provided  at  no  extra 
charge  at  time  of  ordering  the  CIU.  The  C557ACSP  Security  Anti-Tamper 
Option  costs  $9.42.  The  TLN2477A  Cabinet  Security  Kit  costs  $216.75  the 
TLN2478A  Cabinet  Security  Kit  costs  $216.75,  the  TRN5669A  costs  $59.50  and 
the  TRN5670A  costs  $59.50.  This  product  will  not  support  the  new  Motorola 
DES-XL  Module. 

The  Motorola  DES  Spectra-TAC  Comparator  and  DES  Q2605  Comparator  are 
identified  as  USGEID  00000010. 

11.  Motorola  DES  MCX-lOO  Mobile  Radio 

MCX-lOO  VHF  DES  Radio 


Dash  Mounted  Models 


MBD23EXA1J00K 

MBD23EXA7J00K 


MBD43EXA1J00K 

MBD43EXA7J00K 


Trunk  Mounted  Models 


MBT23EXA1J00K_ 
MBT23EXA7J00K_ 
MCX-lOO  UHF  DES  Radio 


MBT43EXA1J00K 

MBT43EXA7J00K 


Dash  Mounted  Models 


MBD24EXA1J00K 

MBD44EXA1J00K 

MBD24EXA7J00K_ 

MBD44EXA7J00K 

Trunk  Mounted  Models 

MBT24EXA1J00K 

MBD44EXA1J00K 

MBT24EXA7J00K_ 

MBT44EXA7J00K 

Motorola  DES  MCX-1000  Mobile  Radio 
VHF  Dash  Mounted  Model 
MBD43UXA7H00_K/M99UX  +  054W 
VHF  Trunk  Mounted  Model 
MBT43UXA7H00  K/M99UX  +  056W 
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UHF  Dash  Mounted  Model 


MBD44UXA7H00_K/M99UX  +  058W 
UHF  Trunk  Mounted  Model 
MBT44UXA7H00_K/M99UX  +  060W 

The  Motorola  DES  MCX-100/1000  Mobile  radios  must  be  purchased  with  the 
Option  MBB388  (old  DES  Module)  and  the  MBB391  Security  Option.  The  DES 
Module,  ordered  under  the  Option  MBB388,  is  provided  at  no  extra  cost  at 
time  of  ordering  the  radio.  The  DES-XL  Module  will  be  field  added  only 
for  the  MCX-lOO  products;  the  customer  should  contact  their  Motorola 
representative  in  such  instances.  In  addition,  the  customer  should 
contact  Motorola  for  pricing  information  on  the  DES-XL  Option.  The  MBB391 
Security  Option,  the  MBB391AA  for  the  dash  mount  model  and  the  MBB391AB 
for  the  trunk  mount  model,  protects  the  DES  and  related  electronics  in  a 
lockable  security  enclosure  and  it  costs  $240.55.  Another  option  endorsed 
for  the  MCX-100/1000  is  the  VLN1156A,  base  tray.  Contact  Motorola  for 
pricing  information  on  this  feature 

The  DES  MCX-lOO  dash  mounted  mobile  radios  range  in  cost  from  $2,615.00  to 
$2,895.00.  The  DES  MCX-lOO  trunk  mounted  mobile  radios  range  in  cost  from 
$2,810.00  to  $3,090.00. 

For  pricing  information  on  the  Motorola  DES  MCX-1000  Mobile  Radio,  contact 
your  Motorola  representative. 

The  Motorola  MCX-lOO  and  MCX-1000  DES  Mobile  Radios  are  identified  as 
USGEID  00000012. 

12.  Motorola  DES  Handheld  Radios  ( SECURENET-EXPO  with  individual 
channel  elements.) 

VHF 

Standard  Models 

Z33BXU1110_N 

H33BXU1110_N 

Z33BXU1120_N 

H33BXU1120_N 

VHF  Private  Line  (PL)  Models 

SECURENET-EXPO  with  PL  function 

H33BXU3120_N/H99BX  +  019H  (2  frequency) 

H33BXU3110_N  (1  frequency) 

The  Motorola  SECURENET-EXPO  DES  Handheld  Radios  must  be  purchased  with 
Option  H388  {old  DES  Module)  or  with  Option  H795  (DES-XL). 
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The  H388  DES  coding  algorithm  Module,  which  replaces  the  Motorola 
Proprietary  DVP  algorithm,  ranges  from  $50.00  -  $100.00.  Contact  Motorola 
for  pricing  information  on  Option  H795  DES-XL. 

Two  Options  which  will  be  offered  but  are  not  specifically  listed  on  the 
EXPO  price  pages  are: 

Option  H934  -  change  the  2  watt  RF  amplifier  to  a  1  watt  amplifier. 

Option  H700  -  allows  the  audio  level  on  the  radio  to  be  turned  all  the  way 
off.  Without  this  Option,  when  the  volume  switch  is  at  its  lowest 
setting,  some  audio  can  still  be  heard  from  the  speaker. 

UHF  Standard  Model  2  Frequency  with  PL 

H24BXU3120_N/H99BX  +  020H 

Option  H801  -  Omits  PL 

Option  H501  -  Omits  one  transmit  frequency 

Option  H521  -  Omits  one  receive  frequency 

The  Motorola  UHF  SECURENET  EXPO  DES  Handheld  Radio 
H24BXU3120_N/H99BX  +  020H  costs  $2,300.00. 


The  Motorola  VHF  SECURENET  EXPO  DES  Handheld  Radios  range  in  cost  from 
$1,900.00  for  the  Z33BXU1110_N  and  H33BXU1110_N  to  $2,300.00  for  the 
Z33BXU1120_N  and  H33BXU1120_N. 

The  Motorola  VHF  &  UHF  SECURENET-EXPO  DES  Handheld  Radios  are  identified 
as  USGEID  00000020. 

13.  GE  DES  Mobile  Radios: 


DELTA  SX  MOBILES 


N3A113 

N3A135 

N3B134 

N3B113 

N3B135 

N3A136 

N3A115 

N3A114 

N3B136 

N3B115 

N3B114 

N3A137 

N3A117 

N3A116 

N3A138 

N3A118 

N3B116 

N3B137 

N3A133 

N3B117 

N3B138 

N3B133 

N3B118 

N3A134 
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RANGE  MOBILES 


N9G11 

N9P12 

N9R11 

N9H11 

N9S12 

N9T11 

N9H02 

N9U12 

N9V11 

N9U01 

N9W12 

N9X11 

N9P11 

N9H01 

N9R12 

N9S11 

N9G12 

N9T12 

N9U11 

N9H12 

N9V12 

N9W11 

N9U02 

N9X12 

DELTA  S 

MOBILES 

N3A107 

N3A108 

N3A123 

N3A129 

N3B107 

N3B108 

N3A124 

N3B127 

N3A109 

N3A110 

N3A125 

N3B128 

N3B109 

N3B110 

N3A126 

N3B129 

N3A111 

N3B111 

N3B123 

N3A130 

N3A112 

N3B112 

N3B124 

N3A131 

N3A119 

N3A120 

N3B125 

N3A132 

N3A121 

N3A122 

N3B126 

N3B130 

N3B119 

N3B120 

N3AI27 

N3B131 

N3B121 

N3B122 

N3A128 

N3B132 

MVS  MOBILES 

NPHI0VG1027-SP  NPUI0VG1027-SPNPU30VG1027-SP 

NPH20VG1027-SP  NPU20VG1027-SP 

S-990  Mobile  Radio  Control  Unit  used  with  the  VG9600S  Voice  Guard  Module: 
S9G990 

S-550  Mobile  Radio  Control  Unit  used  with  the  VG9600S  Voice  Guard  Module: 

S6AG10  S6AG11  S6BG10  S6BG11  S6BG12 

The  DELTA  SX  radio  ranges  in  price  from  $1,730.00  to  $2,555.00. 

The  RANGE  radio  ranges  in  price  from  $1,250.00  to  $1,740.00. 

The  DELTA  S  radio  ranges  in  price  from  $1,500.00  to  $2,375.00. 

For  pricing  information  on  the  MVS,  Contact  GE. 

The  S-990  control  unit  with  the  VG9600S  Module  is  priced  at  $2,235.00. 

The  five  models  of  the  S-550  control  unit  with  the  VG9600S  Module  are 
priced  from  $1,675.00  to  $1,895.00.  The  above  mentioned  control  units 
with  the  VG9600S  Modules  are  interchangeable  with  either  the  RANGE,  DELTA 
or  MVS  mobile  radios. 
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The  mobile  radio,  control  unit  and  VG9600S  Module  are  normally  ordered 
together  for  DES  applications.  However,  the  control  units  (S-550/S990) 
with  the  Voice  Guard  Module  can  be  purchased  separately  to  upgrade 
existing  clear  voice  RANGR,  DELTA  and  MVS  Mobiles.  The  model  number  is 
S6VG01  and  the  price  is  $1,370.00.  The  VG9600  is  identified  as  USGEID 
00000021. 

13a.  GE  DES  End-To-End  MASTR  Controller: 

64G32 

64G33 

The  GE  DES  End-To-End  MASTR  Controller  includes  the  VG9600C  Voice  Guard 
Module,  modem,  and  interface  assembly.  Prices  range  from  $9,350.00  to 
$9,465.00.  The  VG9600C  is  identified  as  USGEID  00000021. 

14.  GE  DES  Key  Variable  Loader  V4025: 

The  DES  Key  Variable  Loader  costs  $1,875.00.  The  key  variable  loader  is 
identified  as  USGEID  00000022. 

The  GE  DES  Key  Loader  requires  a  printed  DES  Key  List. 

15.  GE  DES  Voice  Guard  equipped  MPS  Personal  Radio 


MPS  Series 

VHF 

P9HMAG 

P9JMAG 

P9KMAG 

P9HMBG 

P9JMBG 

P9KMBG 

P9HMCG 

P9JMCG 

P9KMCG 

P9HMDG 

P9JMDG 

P9KMDG 

P9HMEG 

P9JMEG 

P9KMEG 

P9HMFG 

P9JMFG 

P9KMFG 

P9HMTG 

P9JMTG 

P9KMTG 

MPS  Series 

UHF 

P9MMAG 

P9RMAG 

P9SMAG 

P9TMAG 

P9MMBG 

P9RMBG 

P9SMBG 

P9TMBG 

P9MMCG 

P9RMCG 

P9SMCG 

P9TMCG 

P9MMDG 

P9RMDG 

P9SMDG 

P9TMDG 

P9MMEG 

P9RMEG 

P9SMEG 

P9TMEG 

P9MMFG 

P9RMFG 

P9SMFG 

P9TMFG 

P9MMTG 

P9RMTG 

P9SMTG 

P9TMTG 

The  GE  DES  Voice  Guard  equipped  MPS  Personal  Radio  is  a  modularized, 
frequency  synthesized,  two-way  FM  communications  system. 

The  prices  of  the  GE  DES  Voice  Guard  equipped  MPS  Personal  Radios  range 
from  $3,260.00  to  $3,540.00  depending  on  model  number. 

The  GE  Voice  Guard  equipped  MPS  Personal  Radio  is  identified  as  USGEID 
00000026. 
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16.  GE  DES  Voice  Guard  MASTR  II  Encrypt/Decrypt  Station, 

VG9600SR  including  options  as  follows; 

9785  -  Remote  only  1  frequency 
9788  -  Remote/Repeat  1  frequency 
9797  -  Remote  2  frequencies 

The  GE  DES  Voice  Guard  equipped  MASTR  II  encode/decode  station  utilizes 
the  VG9600SR  DES  Module  mounted  to  a  steel  shelf  located  in  a  protective 
cabinet,  whose  front  and  rear  panels  are  secured  by  MEDECO  anti-tamper 
locks.  The  unencrypted  information  is  transferred  between  the  remote 
controller  and  the  station,  the  information  is  then  encrypted  at  the 
station  prior  to  transmission.  The  GE  DES  Voice  Guard  MASTR  II 
encrypt/decrypt  station,  VG9600SR  is  identified  as  USGEID  00000030. 

The  price  of  the  DES  option  ranges  from  $1,745.00  to  $3,365.00,  depending 
on  model  type  ordered. 

17.  Motorola  DES  SVX-1000*  Telephone  Voice  Security  Terminal, 

T5125_X 

The  Motorola  SVX-1000  Terminal  incorporates  the  DES  algorithm  into  a 
desktop  terminal  that  can  be  used  with  an  ordinary  telephone  to  provide 
voice  encryption/decryption  for  calls  that  originate  or  are  answered  at 
that  phone.  The  SVX-1000  is  intended  for  the  protection  of  unclassified 
voice  messages  over  public  telephone  networks.  The  SVX-1000  incorporating 
DES  must  be  purchased  with  Option  C388  (old  DES  Module)  or  with  Option 
C795  (DES-XL) .  The  Motorola  DES  SVX-1000  Telephone  Voice  Security 
Terminal  is  identified  as  USGEID  00000032. 

For  pricing  information  on  the  SVX-1000,  and  the  Option  C795  DES-XL, 
please  contact  Motorola. 

18.  GE  DES  DELTA/RANGR  Desktop  Station  with  VG9600S  model  numbers 
N8G201  and  N8G202 

The  GE  DES  DELTA  Desktop  Station  utilizes  GE ' s  previously  NSA  DES  Endorsed 
DELTA  Mobile  Radio  inside  a  stylized  control  panel  box  along  with  the 
previously  endorsed  GE  VG9600S  DES  Module,  in  a  fixed  configuration.  This 
product  provides  encrypted/decrypted  two-way  radio  communications  at  the 
operator's  location  for  unclassified  voice  traffic.  The  price  for  the 
model  N8G201  is  $2,345.00  and  the  price  for  the  model  N8G202  is  $3,140.00. 
The  GE  DES  DELTA  Desktop  Station  with  VG9600S  is  identified  as  USGEID 
00000033. 

19.  GE  DES  Seven  Key  Voice  Guard  VG9600S/C  Module* 

The  GE  seven  key  version  Voice  Guard  VG9600S/C  DES  Module  is  capable  of 
supporting  up  to  seven  cryptographic  keys.  This  multiple-key  product 
utilizes  the  previously  NSA  DES  Endorsed  GE  VG9600  DES  single  key  Module, 
the  only  hardware  difference  being  the  addition  of  a  multiple  key 


2-63 


selection  switch.  The  GE  DES  Voice  Guard  VG9600S/C  seven  key  version  is 
identified  as  USGEID  00000034. 

Contact  General  Electric  for  pricing  information. 

20.  GE  DES  CIU  Equipped  with  VG9600R  models  CCDGl,  CCDG2,  CCDG3  and 
CCDG4 

The  GE  DES  CIU  must  be  purchased  with  the  DES  Voice  Guard  VG9600SR  Module. 
The  GE  DES  CIU  provides  for  encryption/decryption  of  unclassified  voice 
communications.  The  CIU  is  intended  to  be  located  in  a  central 
dispatching  point  and  interconnect  with  one  or  more  dispatching  consoles. 
The  DES  VG9600SR  Module  is  .mounted  in  a  30-in.  station  cabinet  that  is 
secured  by  MEDECO  anti-tamper  locks.  There  is  a  trunking  version  of  this 
item  that  is  also  endorsed.  This  option  encompasses  a  modification  to  the 
software  in  the  previously  endorsed  VG9600  Module  which  permits 
compatability  with  the  GE  16  Plus  trunking  products.  The  GE  DES  CIU 
equipped  with  the  VG9600SR  Module  and  the  modified  GE  DES  CIU  that  is 
compatabile  with  the  16  Plus  trunked  products  are  identified  as  USGEID 
00000036.  Prices  for  the  CIU  range  from  $9,115.00  to  $32,825.00.  For 
option  numbers  and  pricing  information  on  the  trunking  feature,  contact 
GE. 


21.  GE  DES  M-PD  Voice  Guard  Personal  Radios 

M-PD  Series  VHP 

PVGE5G  PVGF5G 

PVHE5G  PVHF5G 

PVJE5G  PVJF5G 

M-PD  Series  UHF 


PVPE5G 

PVPF5G 

PVRE5G 

PVRF5G 

PVSE5G 

PVSF5G 

PVTE5G 

PVTF5G 

PVUE5G 

PVUF5G 

PVVE5G 

PVVF5G 

PVWE5G 

PVWF5G 

PVXE5G 

PVXF5G 

M-PD/PST/VG 
400  MHz 

PVPJ5G  PVPK5G 

M-PD/PST/VG 
800  MHz 

PVZJ2G  PVZK2G 
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The  GE  DES  M-PD  Voice  Guard  Personal  Radio  is  a  two-way,  FM, 
communications  system  consisting  of  transmit  and  receive  circuitry  with  a 
frequency  synthesizer  controlled  by  a  microprocessor. 

The  prices  of  the  GE  DES  M-PD  Voice  Guard  Personal  Radio  range  from 
$2,998.00  to  $3,348.00  depending  on  the  model  ordered.  For  pricing 
information  on  the  400  MHz  and  800  MHz  PST  versions  contact  GE. 

The  GE  DES  M-PD  Voice  Guard  equipped  Personal  Radio  is  identified  as 
USGEID  00000037. 

22.  Motorola  DES  SABER  Handheld  Radios 


Secure  SABER  VHF 


H43QXN7139_N/H99QX 
H4  3QX J7 1 3  9_N/H9  9QX 
H43QXK7139_N/H99QX 
H43YXN7139_N/H99QX 
H33QXN7139_N/H99QX 
H33QXJ7139_N/H99QX 
H33QXK7139_N/H99QX 
H33YXN7139_N/H99QX 


+  053H 
+  059H 
+  063H 
+  052H  Sub. 
+  051H 
+  058H 
+  062H 
+  050H 


Secure  SABER  UHF 


H44QXN7139_N/H99QX  +  057H 
H44QXJ7139_N/H99QX  +  061H 
H44QXK7139_N/H99QX  +  065H 
H44YXN7139_N/H99QX  +  056H  Sub. 

H34QXN7139_N/H99QX  +  055H 
H34QXJ7139_N/H99QX  +  060H 
H34QXK7139_N/H99QX  +  064H 
H34YXN7139_N/H99QX  +  054H  Sub. 

Secure  Saber  Mid-Band 

H42QXN7139_N/H99QX  +  076H 
H42YXN7139_N/H99QX  +  077H  Sub. 

H42QXJ7139_N/H99QX  +  078H 
H42QXK7139_N/H99QX  +  079H 

Secure  Systems  Saber 

H44TUA5170_N/H99QX  '+  067H 
H44TUK5170_N/H99QX  +  080H 
H34TUK5170_N/H99QX  +  081H 
H43TUK5170_N/H99QX  +  099H 
H33TUK5170_N/H99QX  +  lOOH 

The  Motorola  DES  SABER  handheld  radio  is  a  two-way,  PM,  synthesized 
handheld  radio  system  that  utilizes  digital  synthesis  techniques  to 
provide  up  to  120  channels  of  transceiver  capability.  In  addition,  there 
have  been  three  other  versions  of  the  Saber  Radio  endorsed.  Two 
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submersible  VHF  and  UHF  models  ^re  now  endorsed  as  well  as  a  Mid  Band 
version.  These  models  are  identified  by  the  "YKN"  portion  of  the  factory 
referGnc©  nuinber  as  W6ll  as  the  abbreviation  "Sub.".  The  VHF  Mid  Band 
Saber  has  had  the  RF  Module  adapted  so  the  radio  can  operate  in  the 
66-88  MHz  frequency  band.  Also  endorsed  are  the  five  models  of  the 
Systems  Saber  products.  This  family  of  Saber  radios  has  been  modified  by 
the  addition  of  a  more  powerful  microprocessor  to  accomodate  a  trunking 
feature  for  these  particular  models. 

For  pricing  information  on  all  of  the  Motorola  DES  SABER  Handheld  Radios, 
contact  your  Motorola  representative. 

The  Motorola  DES  SABER  Handheld  Radios  are  identified  as  USGEID  00000038. 

23.  GE  DES  VGT-9600  Voice  Guard  Module 

The  GE  DES  VGT-9600  Voice  Guard  Module  employs  DES  to  provide 

encyption/decryption  for  trunked  mobile  radios.  The  VGT-9600  can  also  be 
utilized  in  a  fixed  station  application.  In  addition,  the  product  can 
also  operate  with  GE  conventional  mode  DES  radios. 

For  pricing  information  on  the  GE  DES  VGT-9600  Voice  Guard  Module  contact 
GE. 


The  GE  DES  VGT-9600  Voice  Guard  Module  is  assigned  USGEID  00000042. 

24.  Motorola  DES  SSTX  Trunked  Portable  Radio. 

H35LXC5170AN/H99LX  +  071H 
H35LXD5170AN/H99LX  +  073H 

*  H25WKA5170_N/H99LX  +  082H 

*  H35WKA5170_N/H99LX  +  083H 

*  H35WKQ5170_N/H99LX  +  084H 

*  H35WGA5170_N/H99LX  +  085H 

*  H25WPA5170_N/H99LX  +  086H 

*  H35WPA5170_N  H99LX  +  087H 

*  H35WPQ5170_N/H99LX  +  088H 

*  H35WNA5170_N/H99LX  +  089H 

*  H25WPQ5170_N/H99LX  +  090H 

The  Motorola  DES  SSTX  is  a  frequency  synthesized  commercial  two-way  FM 
trunked  portable  radio  employing  DES  encyption/decryption  for  voice 
traffic.  The  SSTX  can  also  operate  in  the  conventional  mode.  The  SSTX 
must  be  purchased  with  option  H795AA  (DES-XL). 

*  These  models  have  also  been  endorsed  and  are  available  with  either  a 
rotary  switch  on  the  top  of  the  radio  to  select  coded/clear  mode  or  via 
the  keypad  button  on  the  front  of  the  radio. 

For  pricing  information  on  the  Motorola  DES  SSTX  Trunked  Portable  Radio, 
contact  Motorola. 

The  Motorola  DES  SSTX  Trunked  Portable  Radio  is  identified  as  USGEID 
00000043. 
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NOTE:  The  Motorola  DES  radios  and  the  GE  DES  radios  are  not 
interoperable  in  the  cipher  mode.  In  addition.  Motorola  DES  products 
equipped  with  new  DES-XL  Modules  are  not  interoperable  with  Motorola 
DES  products  that  utilize  the  old  DES  Modules.  This  is  a  result  of  a 
new  encryption  scheme  employed  in  the  DES-XL  Module. 
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POINTS  OF  CONTACT  FOR  NSA  FS-1027  DES  ENDORSED  EQUIPMENTS 


Voice  Radio  Equipment  (2  vendors  in  alphabetical  order) 

1.  Mr.  Dan  Lynch 

General  Electric  Company 
1680  Mountain  View  Road 
Lynchburg,  VA  24502 
Telephone:  (804)  528-7458 

2.  Mr.  Paul  Tinney 

Motorola  Incorporated 
1701  McCormick  Drive 
handover,  MD  20785 
Telephone:  (301)  925-2490 
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INTRODUCTION  TO  THE  PROTECTED  NETWORK  SERVICES  LIST 


"Protected  Network  Services"  -  Telecommunications systems,  approved  by  NSA 
for  the  transmission  of  Sensitive  but  Unclassified  U.S.  Government  information  of 
U.S.  Government  departments,  agencies,  and  their  contractors  involving  intelligence 
activities  related  to  the  national  security,  the  command  and  control  of  military 
forces,  equipment  that  is  integral  to  a  weapons  system,  or  matters  critical  to  the 
direct  fulfillment  of  military  or  intelligence  missions,  that  are  available  from 
commercial  communications  companies.  The  term  "sensitive  information"  means 
any  information,  the  loss,  misuse,  or  unauthorized  access  to  or  modification  of  which 
could  adversely  affect  the  national  interest  or  the  conduct  of  Federal  programs,  or 
the  privacy  to  which  individuals  are  entitled  under  section  552a  of  Title  5,  United 
States  Code  (the  Privacy  Act),  but  which  has  not  been  specifically  authorized  under 
criteria  established  by  an  Executive  Order  or  an  Act  of  Congress  to  be  kept  secret  in 
the  interest  of  national  defense  and  foreign  policy.  There  are  three  types  of 
Protected  Network  Services;  Private  Line  (PL),  Flexibly  Defined  Network  (FDN),  and 
Switched  Protected  Routing  Service  (SPRS). 

PRIVATE  LINE  (PL):  A  Private  Line  is  a  full-period  circuit  leased  by  a  customer  for 
its  exclusive  use,  connected  by  two  or  more  terminal  equipments  only  to  each  other 
and  operated  independently  of  any  central  office  switched  interconnections. 
Approved  Private  Line  service  requires  the  use  of  encryption  or  unencrypted  cable 
circuits,  and  computer  security. 

FLEXIBLY  DEFINED  NETWORK  (FDN):  A  Flexibly  Defined  Network  is  a  logical 
association  of  sequential  links  in  each  direction  of  transmission  between  two  or 
more  terminals.  Such  networks  may  exist  as  an  adjunct  to,  but  independent  of,  both 
full-period  private  line  service  and  non-private  commercial  switched  service.  No 
permanent  physical  circuit  is  maintained  between  the  two  terminations.  Approved 
Flexibly  Defined  Network  service  MAY  INCLUDE  an  appropriate  mix  of  encrypted 
radio,  unencrypted  radio,  unencrypted  cable  circuits,  and  computer  security  in 
consideration  of  the  areas  traversed  by  the  network. 

SWITCHED  PROTECTED  ROUTING  SERVICE  (SPRS):  SPRS  is  currently  in  the 
development  stages  with  initial  implementation  tentatively  scheduled  for  FY  92. 
SPRS  will  be  a  tariffed  offering  provided  by  the  commercial  carriers  for  the 
protection  of  Sensitive  but  Unclassified  data  through  the  Public  Switched  Telephone 
Network  nationwide. 

PURPOSE 

The  purpose  of  this  chapter  is  to  provide  information  on  where  to  acquire  the 
"approved"  Protected  Network  Services.  The  carrier  points  of  contact  listed  in  this 
chapter  will  provide  guidance  on  the  types  of  Protected  Network  Services  available. 
Agreements  have  been  made  with  these  carriers  to  provide  NSA  approved  Protected 
Network  Services.  All  services  may  not  be  provided  in  all  areas  by  all  companies 
listed.  The  carrier  points  of  contact  listed  in  this  chapter  will  provide  guidance  on 
the  types  of  Protected  Network  Services  available.  Agreements  have  been  made 
with  these  carriers  to  provide  NSA  approved  Protected  Network  Services.  Working  in 
conjunction  with  the  carriers,  NSA  has  formally  reviewed  and  approved  the 
techniques  and  services  in  the  offerings  as  meeting  the  requirements  needed  to 
protect  Sensitive  but  Unclassified  information.  This  approval  provides  assurance  to 
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the  customer  that  a  criteria  has  been  met  sufficient  for  the  protection  of  this  level  of 
data  commensurate  with  a  perceived  threat.  For  additional  information,  please 
contact  V33,  Systems  Protection  Division,  (301)  684-7057. 


PROTECTED  NETWORK  SERVICES  LIST 


Company  Name 

(Listed  In  Alphabetical  Order) 

Point  of  Contact 

Phone  No. 

AT&T  Communications 

Mr.  David  Johnson 

8403  Colesville  Road 

Attn:  15ND18 

Silver  Spring,  MD  20910 

(301)608-4905 

Bell  Atlantic 

Ms.  Camille  Mazzan 

1600  Wilson  Blvd. 

Suite  600 

Arlington,  VA  22209 

(703)974-2273 

CONTELA.S.C. 

Mr.  Don  Nowakoski 

Government  Network  Division 
7916  Westpark  Drive 

McLean,  VA  22102 

(703)790-2158 

Metromedia/ITT 

Mr.  Leonard  Plotkin 

1901  N.  Moore  St. 

Rosslyn,VA  22209 

(202)276-1544 

MCI  Telecommunications 

Mr.  Tom  Will 

8003  Westpark  Drive 

McLean,  VA  22102 

(703)749-7070 

PACIFIC  BELL 

Gail  Hutchens 

2600  Camino  Ramon  Blvd. 
Room2E200 

San  Ramon,  CA  94583 

(415)823-5013 

Mai  Ziegler 

2600  Camino  Ramon  Blvd. 

Room  2S950 

San  Ramon,  CA  94583 

(415)823-3088 

US  SPRINT 

Mr.  Jay  Nelson 

13221  Woodland  Park  Rd. 
Herndon,  VA  22071 

(703)904-2099 

Mr.  Allen  Wild 

13221  Woodland  Park  Rd. 
Herndon,  VA  22071 

(703)904-2104 
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INTRODUCTION  TO  NATIONAL  COMPUTER  SECURITY  CENTER 

The  primary  goal  of  the  National  Computer  Security  Center  (NCSC)  is  to  encourage  the 
widespread  availability  of  trusted  systems.  This  goal  is  realized,  in  large  measure,  through 
the  NCSC’s  Trusted  Product  Evaluation  Program.  This  program  focuses  on  the  technical 
evaluation  of  the  protection  capabilities  of  commercially  produced  and  supported  systems. 
The  standards  against  which  products  are  evaluated  are  the  Department  of  Defense  Trusted 
Computer  System  Evaluation  Criteria  (TCSEC),  the  Trusted  Network  Interpretation  of  the 
Trusted  Computer  System  Evaluation  Criteria  (TNI),  the  Computer  Security  Subsystem 
Interpretation  of  the  Trusted  Computer  System  Evaluation  Criteria  (CSSI),  the  Trusted 
Database  Management  System  Interpretation  of  the  Trusted  Computer  System  Evaluation 
Criteria  (TDI). 

In  reading  the  information  contained  in  this  chapter,  the  following  defihitions  will  be  helpful 
to  the  reader. 

Accreditation  -  a  political  and/or  business  decision  relath  e  to  the  acceptability  of  a  system. 
The  Accreditor  is  the  authority  who  makes  the  final  decision  on  the  disposition  of  the  system 
for  which  he  is  responsible.  He  may  decide  to  either: 

(a)  accept  the  system,  with  any  attendant  security  risks; 

(b)  choose  to  operate  the  system  under  some  set  of  constraints  (e.g.,  limited  operations, 
limited  user  set,  test  and  repair  mode); 

(c)  reject  the  system  as  being  unfit  for  its  intended  use. 

The  Accreditation  authority  is  responsible  for  certification  (e.g.,  detailed  technical  analyses) 
performed.  While  his  decision  is  expected  to  take  into  account  the  results  and  recommen¬ 
dations  of  any  such  certification  activities,  his  decision  need  not  be  in  conformance  with 
any  specific  set  of  recommendations  (i.e.,  his  decision  is  not  based  entirely  upon  technical 
considerations). 

Certification  -  A  technical  analysis  of  a  system  relative  to  a  set  of  system  requirements. 
Results  in  a  determination  as  to  whether  or  not  the  system,  as  implemented,  is  capable  of 
delivering  the  services  or  characteristics  (e.g.,  security)  specified  in  the  system  requirements 
definition.  The  Certification  Authority  is  responsible  to  the  Accreditor,  and  provides  him  the 
results  of  the  analysis,  along  with  any  identifiable  risks  in  operating  the  system  as  originally 
specified,  as  well  as  any  recommendations  which  will  influence  the  Accreditor’s  final  decision. 
The  recommendations  may  be  of  the  form: 

(a)  accept  the  system  as  is; 

(b)  operate  the  system  in  constrained  mode  until  appropriate  remedial  action(s)  is(are)  taken; 

(c)  operate  the  system  under  conditions  different  from  those  specified  in  original  require¬ 
ments; 

(d)  reject  the  system  as  incapable  of  meeting  the  specified  operational  requirements. 
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Endorse  -  To  sanction;  to  approve  for  use. 

Authentication  -  The  determination  of  conformance  with  fact  or  reality,  of  being  actu¬ 
ally  and  exactly  what  is  claimed.  Commonly  used  in  connection  with  establishing  identity 
(Identification  and  Authentication,  or  I&A),  a  process  whereby  an  identity  is  claimed  and 
the  validity  of  the  claim  established  (e.g.,  via  a  password  unique  to  the  claimed  identity). 

Evaluation  -  The  assessment  for  conformance  with  a  pre-established  metric,  criteria,  or 
standard. 

We  are  interested  in  hearing  any  suggestions  that  you  have  to  improve  Chapter  4  of  this 
publication.  We  want  to  provide  accurate  and  useful  data.  Please  address  suggestions  to: 


National  Computer  Security  Center 
ATTN:  LT  Charles  G.  Menk  III,  C716 
Fort  George  G.  Meade,  MD 
20755-6000 
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INTRODUCTION  TO  THE  EVALUATED  PRODUCTS  LIST  (EPL) 

The  National  Computer  Security  Center  (NCSC)  was  created  to  study  and  implement  Trust 
Technology  for  computers  and  to  encourage  the  widespread  availability  and  use  of  trusted 
computer  security  products.  One  way  in  which  we  encourage  the  development  and  use  of 
trusted  computer  security  products  is  through  the  Trusted  Product  Evaluation  Program. 
Under  this  program,  the  NCSC  evaluates  the  technical  protection  capabilities  of  computer 
security  products  against  well-defined,  published  evaluation  criteria. 

The  NCSC’s  Product  Evaluation  Program  is  focused  on  the  technical  evaluation  of  the 
protection  capabilities  of  off-the-shelf,  commercially  produced  and  supported  systems  that 
meet  the  computer  security  needs  of  government  departments  and  agencies.  This  product 
evaluation  culminates  in  the  publication  of  an  Evaluated  Products  List  (EPL)  report  and 
is  independent  of  any  consideration  of  overall  system  performance,  potential  applications  or 
particular  processing  environment. 

The  primary  standard  against  which  products  are  evaluated  is  the  Depavtment  of  Defense 
Trusted  Computer  System  Evaluation  Criteria  (DOD  5200.28-STD),  hereafter  referenced  as 
the  ’’Criteria.”  The  Criteria  classifies  systems  into  seven  hierarchical  classes  based  on  fea¬ 
tures  and  assurances  to  support  three  types  of  security  requirements  -  policy,  accountability, 
and  assurance.  Assurance  requirements  contribute  to  confidence  that  the  required  features 
are  present  and  are  functioning  as  intended.  Other  standards  applied  to  products,  when 
appropriate,  are  the  Trusted  NETWORK  Interpretation  of  the  Trusted  Computer  System 
Evaluation  Criteria  (NCSC-TG-005,  Version  1)  and  the  Computer  Security  Subsystem  In¬ 
terpretation  of  the  Trusted  Computer  System  Evaluation  Criteria  (NCSC-TG-009,  Version 
1).  A  characterization  of  each  of  the  classes  is  contained  in  the  Appendix. 

PURPOSE 

The  aim  of  the  EPL  is  to  provide  ADP  system  developers,  managers  and  users  an  authori¬ 
tative  evaluation  of  a  system’s  relative  suitability  for  use  in  processing  sensitive  infoimation. 
The  products  on  the  EPL  have  been  evaluated  against  the  Criteria  and  assigned  an  Overall 
Evaluation  Class  rating.  The  security  evaluation  of  a  product  is  contained  in  a  formal  re¬ 
port  that  is  available  from  either  the  Government  Printing  Office  or  the  National  Technical 
Information  Service  (NTIS)  of  the  Department  of  Commerce. 

The  rating  given  to  the  product  is  the  highest  class  for  which  all  the  requirements  in  the 
Criteria  have  been  met.  The  Overall  Evaluation  Class  ratings  given  in  the  EPL  apply 
only  to  the  specific  hardware/software  configurations  listed  in  the  EPL  entry.  As  such,  the 
rating  indicates  that  the  product  met  or  exceeded  each  of  the  requirements  for  the  Overall 
Evaluation  Class.  Although  the  product  was  subjected  to  the  detailed  testing  specified  in 
the  Criteria  Guidelines,  it  must  be  emphasized  that  such  testing  is  not  sufficient  to  guarantee 
the  absence  of  flaws  in  the  product.  Rather,  the  EPL  entry  indicates  that  the  features  and 
assurances  of  the  product  appear  to  provide  the  classes  of  protection  characterized  by  the 
Overall  Evaluation  Class. 
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The  EPL  entry  does  not  constitute  any  general  or  overall  endorsement  of  the  product  by 
the  NCSC,  nor  does  it  constitute  any  DoD  certification  or  accreditation  of  the  product 
for  use  in  classified  or  sensitive  processing  environments.  Rather,  the  evaluation  provides 
an  essential  part  of  the  technical  evidence  required  for  such  certification  and  accreditation. 
Ultimate  responsibility  for  the  continuing  integrity  provided  by  the  security  mechanisms  of 
any  product  evaluated  by  the  NCSC  rests  solely  with  the  vendor.  The  EPL  is  available  to 
vendors  of  evaluated  products  to  actively  market  and  advertise  the  Overall  Evaluation  Class 
achieved  by  their  products  to  procurement  authorities  and  the  general  public. 

Products  are  separated  into  general-purpose  operating  systems,  add-on  packages,  and  sub¬ 
systems.  An  add-on  package  is  a  facility  that  runs  in  conjunction  with  a  specific  operating 
system  and  is  not,  by  itself,  a  system  that  performs  all  the  functions  traditionally  ascribed 
to  an  operating  system.  Initially,  the  evaluation  of  an  add-on  package  did  not  include  a 
complete  evaluation  of  the  underlying  operating  system  for  which  the  add-on  package  was 
designed.  The  evaluations  which  were  performed  in  that  manner  are  identified  in  the  add-on 
package  section  of  this  document.  Evaluations  of  add-on  systems  now  include  an  equally 
thorough  analysis  of  the  security-relevant  mechanisms  contained  in  the  underlying  operating 
system  because  the  integrity  of  the  add-on  package  ultimately  depends  upon  the  integrity  of 
the  operating  system.  These  systems  are  identified  in  the  operating  systems  section  of  this 
document. 

Subsystems  are  special-purpose  products  that  can  be  added  to  existing  computer  systems 
to  increase  security  and  implement  only  a  subset  of  the  security  features  identified  in  the 
Criteria.  Features  we  evaluate  are  identification  and  authentication,  audit,  access  control, 
and  object  reuse.  Subsystems  are  evaluated  against  the  Computer  Security  Subsystem  Inter¬ 
pretation  of  the  Trusted  Computer  System  Evaluation  Criteria  (Subsystem  Interpretation). 
The  ratings  assigned  use  a  special  nomenclature  to  distinguish  them  from  complete  system 
ratings. 

Subsystem  ratings  are  based  on  the  Evaluation  Criteria  Division  D,  which  is  reserved  for 
products  that  do  not  meet  all  of  the  requirements  of  a  higher  Evaluation  Class.  A  character¬ 
ization  of  the  subsystem  ratings  within  Division  D  is  contained  in  Appendix  A.  Before  the 
Subsystem  Interpretation  was  published,  subsystem  evaluations  were  based  only  on  the  Cri¬ 
teria,  and  ratings  were  not  given  to  evaluated  subsystems.  A  computer  security  subsystem 
evaluation  does  not  address  or  attempt  to  rate  the  overall  security  of  the  total  processing 
environment. 

A  subsystem  evaluation  is  concerned  only  with  the  subsystem  product,  and  not  any  host 
system  that  it  may  support.  Because  of  this,  the  users  of  evaluated  subsystems  must  be 
aware  of  the  implicit  dangers  inherent  in  assuming  too  much  about  the  degree  of  protection 
provided  by  many  subsystem  products.  One  area  that  the  user  must  be  aware  of  is  his 
own  responsibility  for  the  proper  installation  and  maintenance  of  the  interface  between  the 
subsystem  and  the  host  computer.  A  second  concern  for  the  user  is  that  any  subversion  of 
a  host  computer  by  means  not  protected  by  a  subsystem  product  may  invalidate  the  use  of 
the  subsystem  product,  even  though  the  subsystem  continues  to  function  correctly. 
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PRODUCT  BULLETINS 

The  Product  Bulletins  are  synopses  of  systems  currently  undergoing  formal  evaluation  by  the 
NCSC.  They  include  the  candidate  rating  for  the  system.  Candidate  ratings  in  the  Product 
Bulletins  are  not  an  official  evaluation  by  the  NCSC,  but  are  an  estimate  of  the  highest 
class  for  which  the  product  has  displayed  some  evidence  for  each  of  the  requirements  in  the 
Criteria.  The  evaluation  and  testing  requirements  from  the  Criteria  for  the  specified  candi¬ 
date  rating  class  will  be  used  to  evaluate  the  product  and  establish  an  Overall  Evaluation 
Class  rating  and  EPL  entry.  Product  Bulletins  are  superseded  when  the  formal  evaluation 
is  complete  and  the  EPL  rating  is  issued. 

RATING  MAINTENANCE  PHASE  (RAMP) 

The  NCSC  has  developed  the  Rating  Maintenance  Phase  (RAMP)  to  keep  its  EPL  current. 
One  of  the  primary  functions  of  the  NCSC  is  the  evaluation  of  commercial  products  using  the 
Criteria,  followed  by  publication  of  the  resulting  ratings  in  the  EPL.  Experience  shows  that  a 
full  evaluation  requires  significant  resources  and  time,  and  the  NCSC  has  been  hard-pressed 
to  keep  pace  with  the  release  cycle  of  the  evaluated  products.  As  a  result,  the  ’’rated”  version 
is  almost  never  the  ’’current”  version  of  the  product. 

Tlie  Trusted  Product  Evaluation  Program  has  become  so  successful  that  the  resources  needed 
to  re-evaluate  each  new  version  of  a  product  are  simply  not  available.  Thus,  the  NCSC  has 
initiated  RAMP.  Limited  to  maintenance  of  a  specific  rating,  RAMP  provides  a  mechanism 
that  will  permit  the  vendor  to  maintian  the  security  rating  of  an  evaluated  product  on 
subsequent  releases  or  versions,  as  long  as  the  program  defined  by  the  NCSC  is  adhered  to 
by  the  developer.  A  re-evaluation  will  be  required  if  the  product  is  a  cante  for  a  higher 
rating.  Additional  information  may  be  found  in  the  Rating  Maintenance  Phase:  Program 
Document  (NCSC-TG-013,  Version  1). 

POLICY  ON  EVALUATION  OF  DATA  REMANENCE  PRODUCTS 
POLICY 

Effective  immediately,  the  NCSC  will  no  longer  evaluate  the  class  of  products  known  variously 
as  overwrite,  data  remanence,  magnetic  remanence,  data  sanitization,  or  media  clearance 
products. 

RATIONALE 

With  advances  in  technology,  research  is  required  to  determine  the  extent  to  which  overwrite 
or  erasure  operations  must  be  conducted  to  purge  or  erase  magnetic  media  for  declassification. 
Furthermore,  because  most  of  these  products  are  utility  programs  with  little  or  no  integra¬ 
tion  into  the  trusted  base  of  the  operating  system,  we  are  unable  to  make  general  statements 
about  product  behavior  independent  of  the  specific  operational  environment.  Additionally, 
products  are  now  emerging  in  the  marketplace  that  are  based  not  on  applications-level  soft¬ 
ware  or  operating  system  utilities  but  on  actual  physical  devices  that  perform  the  erasure 
function  electromagnetically. 
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At  this  time,  we  do  not  know  enough  about  the  physics  of  these  devices  to  comment  on  them 
and  advise  our  customers  concerning  the  characteristics  of  this  new  hardware  approach  to 
solving  the  sanitization  problem. 

FUTURE 

Because  of  the  need  for  these  products,  we  plan  to  initiate  a  program  to  research  the  overwrite 
parameters  required  to  ensure  information  is  no  longer  retrievable  from  magnetic  media.  We 
anticipate  revisions  to  our  publication  Department  of  Defense  Magnetic  Remanence  Security 
Guideline,  CSC-STD-005-85,  (the  ’’Blue  Book”)  upon  completion  of  the  research  into  these 
issues.  Until  these  efforts  are  complete,  system  accreditors  must  prudently  manage  risk. 

If  you  have  questions  concerning  this  matter,  please  contact  the  NCSC  at  (301)  859-4463, 
or  by  writing  to: 


National  Computer  Security  Center 
ATTN:  C81 

Fort  George  G.  Meade,  MD 
20755-6000 
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The  National  Computer  Security  Center  Trusted  Product  Evaluation  Program 
Process  Phases: 

Definitions  of  Evaluation  Phases 

Vendor  Assistance  Phase  (VAP)  -  This  is  the  first  of  the  three  phases  of  a  typical 
evaluation  of  a  system,  network  or  network  component.  (Subsystems  move  directly  into 
Formal  Evaluation).  During  VAP,  the  NCSC  serves  primarily  in  an  advisory  capacity.  The 
majority  of  the  work  done  in  this  phase  is  conducted  by  the  vendor,  who  thus  controls 
the  schedule.  Because  this  phase  is  vendor-driven,  vendors  with  considerable  experience  or 
understanding  of  trust  technology  may  be  able  to  expedite  the  completion  of  their  product 
development. 

While  inclusion  in  this  phase  of  an  evaluation  represents  a  vendor’s  commitment  to  trust 
technology,  it  should  not  be  taken  as  a  guarantee  that  the  product  will  successfully  complete 
evaluation  or  become  commercially  available.  Both  the  development  and  the  evaluation  of 
trusted  products  can  be  a  considerable  challenge  to  vendors,  and  this  phase  is  intended  to 
ensure  that  only  those  products  which  can  reasonably  be  expected  to  proceed  through  a 
complete  evaluation  continue  into  the  Design  Analysis  phase. 

During  VAP  the  vendor  completes  the  development  of  the  product,  designs  security  test  pro¬ 
cedures,  and  drafts  documentation  while  the  NCSC  ensures  that  the  vendor’s  documentation 
of  these  efforts  reflects  an  understanding  of  trust  technology  and  evaluation  requirements  as 
they  are  articulated  in  the  Trusted  Computer  System  Evaluation  Criteria  (TCSEC).  Upon 
satisfactory  completion  of  this  effort,  the  evaluation  team  will  recommend  to  NCSC  man¬ 
agement  that  the  product  begin  Design  Analysis,  the  second  phase  of  the  evaluation  process. 

POCs  for  products  in  the  Vendor  Assistance  Phase  are  listed  in  the  green  section  of  the 
Evaluated  Products  List  for  Trusted  Computer  Systems. 

Design  Analysis  Phase  (DAP)  -  In  this  second  phase  of  evaluation,  the  product  is  largely 
completed  and  the  evaluation  team  develops  a  detailed  understanding  of  the  system,  its  secu¬ 
rity  features  and  its  assurances.  In  this  phase,  the  evaluation  team  is  augmented,  undergoes 
system  internals  training  to  gain  an  understanding  of  the  product’s  details,  and  performs 
analysis  of  the  product’s  design.  This  is  accomplished  through  vendor  documentation  and 
team-vendor  interaction.  The  goal  of  this  analysis  is  to  gain  assurance  that  the  system, 
if  implemented  as  designed,  is  likely  to  meet  the  product’s  candidate  level  of  trust.  This 
phase  culminates  with  an  Initial  Product  Assessment  Report  (IPAR),  which  documents  the 
evaluation  team’s  understanding  of  the  system  based  on  the  information  the  vendor  has 
provided. 

The  NCSC  Technical  Review  Board  (TRB)  reviews  this  report  to  ensure  that  the  evaluation 
team  has  not  omitted  any  aspect  of  the  product  analysis  and  can  substantiate  that  the  prod¬ 
uct  should  enter  the  formal  phase.  Products  in  Design  Analysis  must  become  commercially 
available  within  twelve  months  of  the  start  of  this  phase  (if  not  already  available). 
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POCs  for  products  in  the  Design  Analysis  Phase  are  listed  in  the  tan  section  of  the  Evaluated 
Products  List  for  Trusted  Computer  Systems. 

Formal  Evaluation  (FE)  -  In  this  final  phase  of  evaluation,  the  evaluation  tearri  analyzes 
and  tests  the  implementation’s  compliance  with  the  TCSEC  requirements  for  the  candidate 
level  of  trust  (or  the  requirements  of  an  appropriate  interpretation  of  the  TCSEC,  such  as 
the  Trusted  Network  Interpretation).  The  next  step  of  the  evaluation  is  the  generation  of 
the  Final  Evaluation  Report.  As  with  the  IPAR,  this  report  is  reviewed  by  the  NCSC  TRB, 
which  ensures  that  the  team  has  verified  that  the  product  meets  the  candidate  level  of  trust. 

Product  Bulletins,  issued  when  product  enter  the  Formal  Evaluation  Phase,  are  printed  in 
the  blue  section  of  the  Evaluated  Products  List  for  Trusted  Computer  Systems. 

Evaluated  product  entries  are  listed  in  the  white  section  of  the  Evaluated  Products  List  for 
Trusted  Computer  Systems. 

Rating  Maintenance  (RAMP)  -  Products  evaluated  at  the  C2  or  B1  level  of  trust  then 
continue  with  the  Rating  Maintenance  Phase.  The  purpose  of  this  phase  is  to  provide 
currently  available  trusted  products.  Without  RAMP,  only  the  initial  evaluated  version 
is  a  trusted  system  with  an  Orange  Book  rating.  RAMP  builds  cumulatively  upon  the 
evidence  and  assurance  established  by  a  product  evaluation,  with  the  primary  responsibility 
for  maintaining  product  trust  lying  with  the  vendor.  The  vendor  follows  strict  procedures 
that  integrate  security  analysis,  configuration  control,  and  evidence  accumulation  into  the 
development  process.  The  NCSC  then  extends  the  product  rating  to  each  successive  release 
by  ascertaining  that  the  vendor  has  executed  all  rating  maintenance  responsibilities  fully 
and  correctly. 

Changes  in  the  EPL  -  Changes  in  the  Evaluated  Products  List  since  its  most  recent 
publication  are  highlighted  in  the  orange  section  of  the  chapter.  These  changes  include  dele¬ 
tions,  additions,  schedule  changes  (most  notably  for  those  products  in  the  Formal  Evaluation 
phase),  and  phase  changes  (e.g.,  as  a  product  advances  from  VAP  to  DA,  this  progress  will 
be  highlighted  on  the  Change  pages). 

NOTE:  The  National  Computer  Security  Center  is  committed  to  protecting  vendor  propri¬ 
etary  information,  including  both  marketing  and  technical  data.  This  is  considered  to  be  a 
serious  responsibility  and  will  not,  under  any  circumstances,  be  neglected  in  order  to  provide 
additional  information  about  products  under  evaluation  or  their  progress  through  the  evalu¬ 
ation  program.  For  additional  information  about  products  under  evaluation  by  the  National 
Computer  Security  Center,  users  of  the  Evaluated  Products  List  are  invited  to  contact  the 
vendor  POCs  provided  within  this  list. 
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Trusted  Computer  System  Evaluation  Criteria  Divisions  and  Classes 


Division  D:  Minimal  Protection 

This  division  is  reserved  for  those  systems  that  have  been  evaluated  but  fail  to  meet  all  of 
the  requirements  for  a  higher  evaluation  division.  This  division  is  divided  into  classes  only 
for  subsystems  as  described  below  in  ’’Subsystem  Evaluations”. 

Division  C:  Discretionary  Protection 

Classes  in  this  division  provide  for  discretionary  (need-to-know)  protection  and,  through  the 
inclusion  of  audit  capabihties,  for  accountability  of  subjects  and  the  actions  they  initiate. 

Class  Cl:  Discretionary  Security  Protection 

The  Trusted  Computing  Base  (TCB)  of  a  class  Cl  system  nominally  satisfies  the  discre¬ 
tionary  access  security  requirements  by  providing  separation  of  users  and  data.  It  incorpo¬ 
rates  some  form  of  credible  controls  capable  of  enforcing  access  limitations  on  an  individual 
basis,  i.e.,  ostensibly  suitable  for  allowing  users  to  be  able  to  protect  project  or  private  in¬ 
formation  and  to  keep  other  users  from  accidentally  reading  or  destroying  their  data.  The 
class  Cl  environment  is  expected  to  be  one  of  cooperating  users  processing  data  at  the  same 
level(s)  of  security. 

Class  C2:  Controlled  Access  Protection 

Systems  in  this  class  enforce  a  more  finely  grained  discretionary  access  control  than  Cl 
systems,  making  users  individually  accountable  for  their  actions  through  login  procedures, 
auditing  of  security-relevant  events,  and  resource  isolation. 

Division  B:  .  Mandatory  Protection 

The  notion  of  a  TCB  that  preserves  the  integrity  of  sensitivity  labels  and  uses  them  to  enforce 
a  set  of  mandatory  access  control  rules  is  a  major  requirement  in  this  division.  Systems  in 
this  division  must  carry  the  sensitivity  labels  with  major  data  structures  in  the  system.  The 
system  developer  also  provides  the  security  policy  model  on  which  the  TCB  is  based  and 
furnishes  a  specification  of  the  TCB.  Evidence  must  be  provided  to  demonstrate  that  the 
reference  monitor  concept  has  been  implemented. 
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Class  Bl: 


Labeled  Security  Protection 


Class  Bl  systems  require  all  the  features  required  for  a  class  C2.  In  addition,  an  informal 
statement  of  the  security  policy  model,  data  labeling,  and  mandatory  access  control  over 
named  subjects  and  objects  must  be  present.  The  capability  must  exist  for  accurately 
labelling  exported  information.  Any  flaws  identified  by  testing  must  be  removed. 

Class  B2:  Structured  Protection 

In  class  B2  systems,  the  TCB  is  based  on  a  clearly  defined  and  documented  formal  security 
model  that  requires  the  discretionary  and  mandatory  access  control  enforcement  found  in 
class  Bl  systems  be  extended  to  all  subjects  and  objects  in  the  ADP  system.  In  addition, 
covert  channels  are  addressed.  The  TCB  must  be  carefully  structured  into  protection-critical 
and  non-protection-critical  elements.  The  TCB  interface  is  well-defined  and  the  TCB  design 
and  implementation  enable  it  to  be  subjected  to  more  thorough  testing  and  more  complete 
review.  Authentication  mechanisms  are  strengthened,  trusted  facility  management  is  pro¬ 
vided  in  the  form  of  support  for  system  administrator  and  operator  functions,  and  stringent 
configuration  management  controls  are  imposed.  The  system  is  relatively  resistant  to  pene¬ 
tration. 

Class  B3:  Security  Domains 

The  class  B3  TCB  must  satisfy  the  reference  monitor  requirements  that  it  mediate  all  accesses 
of  subjects  to  objects,  be  tamper-proof,  and  be  small  enough  to  be  subjected  to  analysis  and 
tests.  To  this  end,  the  TCB  is  structured  to  exclude  code  not  essential  to  security  policy 
enforcement,  with  significant  system  engineering  during  the  TCB  design  and  implementation 
directed  toward  minimizing  its  complexity.  A  security  administrator  is  supported,  audit 
mechanisms  are  expanded  to  signal  security-relevant  events,  and  system  recovery  procedures 
are  required.  The  system  is  highly  resistant  to  penetration. 

Division  A:  Verified  Protection 

This  division  is  characterized  by  the  use  of  formal  security  verification  methods  to  assure 
that  the  mandatory  and  discretionary  security  controls  employed  in  the  system  can  effectively 
protect  classified  or  other  sensitive  information  stored  or  processed  by  the  system.  Extensive 
documentation  is  required  to  demonstrate  that  the  TCB  meets  the  security  requirements  in 
all  aspects  of  design,  development  and  implementation. 


4-x 


Class  Al: 


Verified  Design 


Systems  in  Al  are  functionally  equivalent  to  those  in  class  B3  in  that  no  additional  archi¬ 
tectural  features  or  policy  requirements  are  added.  The  distinguishing  feature  of  systems  in 
this  class  is  the  analysis  derived  from  formal  design  specification  and  verification  techniques 
and  the  resulting  high  degree  of  assurance  that  the  TCB  is  correctly  implemented.  This  as¬ 
surance  is  developmental  in  nature,  starting  with  a  formal  model  of  the  security  policy  and  a 
Formal  Top-Level  Specification  (FTLS)  of  the  design.  In  keeping  with  the  extensive  design 
and  development  analysis  of  the  TCB  required  of  systems  in  class  Al,  more  stringent  con¬ 
figuration  management  is  required  and  procedures  are  established  for  securely  distributing 
the  system  to  sites.  A  system  security  administrator  is  supported. 

Subsystem  Evaluations: 

Although  the  requirements  for  subsystems  are  derived  from  the  TCSEC,  the  ratings  for 
subsystems  do  not  directly  reflect  the  TCSEC  class  from  which  they  are  derived.  Since 
subsystems  do  not  meet  all  of  the  requirements  for  a  class  Cl  or  higher  computer  system, 
it  is  most  appropriate  to  associate  subsystem  ratings  with  the  D  division  of  the  TCSEC. 
Subsystem  ratings  are  applied  to  each  subsystem  function  evaluated  (e.g..  Audit).  A  sub¬ 
system  may  be  awarded  a  rating  under  one  or  more  fuctions.  Possible  ratings  for  individual 
functions  are: 

SUBSYSTEM  FUNCTION  POSSIBLE  RATING 

Discretionary  Access  Control  DAC/D 

DAC/D 

DAC/Dl 

DAC/D2 

DAC/D3 

Object  Reuse  OR/D 

0R/D2 

Identification  and  Authentication  I&A/D 

I&A/Dl 

I&A/D2 


Audit 


AUD/D 

AUD/D2 

AUD/D3 


The  D1  class  is  assigned  to  subsystems  that  meet  the  interpretations  for  requirements  drawn 
from  the  Cl  TCSEC  class.  Likewise,  the  D2  class  consists  of  requirements  and  interpretations 
that  are  drawn  from  the  C2  TCSEC  class.  The  D3  subystem  class  is  reserved  for  DAC 
subsystems  and  audit  subsystems  that  meet  the  B3’ functionality  requirements  for  those 
functions. 
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LIST  OF  COMPANIES  WORKING  WITH  THE  NCSC 

The  following  companies  are  working  with  the  National  Computer  Security  Center  in  the 
development  of  Trusted  Computing  Products: 

Addamax 

Amdahl 

American  Computer  Security  Industries 
AT&T  UNIX  System  Laboratories 
Aerospace 
Boeing 

Concurrent  Computer  Corporation 
Convex  Computer  Corporation 
Cray  Research  Inc. 

Digital  Equipment  Corporation 
Gemini  Computers,  Inc. 

Harris  Corporation 

Hewlett  Packard  Computer  Systems  Div. 

HFSI,  Inc. 

International  Business  Machines  Corp. 

Informix 

Loral  Command  and  Control  Systems 
Oracle  Corporation  Sequent  Computer  Systems 
Silicon  Graphics  Inc. 

Sun  Microsystems  Federal,  Inc. 

Tandem  Computers  Inc. 

Trusted  Information  Systems,  Inc. 

Unisys  Corporation 
Wang  Laboratories,  Inc. 


EVALUATED  PRODUCTS  LIST 


for 


TRUSTED  COMPUTER  SYSTEMS 


As  of  5  December  1991 
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INDEX  OF  PRODUCTS  BY  VENDOR 


INDEX  OF  EVALUATED  PRODUCTS  AND  PRODUCTS  IN  EVALUATION 

BY  VENDOR 


Vendor 

Product/Product  Type 

Evaluation 

Status 

Page 

Addamax  Corp. 

Compartmented  Mode 

DAP 

4-2b.l 

Amdahl  Corp. 

Workstation 

Network  Component 

VAP 

4-2a.2 

UTS/MLS 

DAP 

4-2b.l 

ALC  Stealth  Group 

Tiger safe 

Completed 

4-3d.l8 

Tigersafe  3.03.1  En 

Completed 

4-3b.27 

American  Computer 

COMPSEC-II,  Release  B3.1 

Completed 

4-3d.35 

Security  Ind.,  Inc. 

American  Telephone 

System  V/MLS,  Release  1.1.2 

Completed 

4-3b.24 

and  Telegraph  Co. 

System  V/MLS,  Release  1.2.0 

Complete  RAMP 

4-3f.4 

American  Telephone 
and  Telegraph  Co. 

UNIX  System  V,  Release  4.1 

Formal 

4-3a.5 

UNIX  Systems  Labs 

Boeing  Aerospace 

SNS 

Completed 

4-3e.5 

SNS  +  NM 

DAP 

4-2b.3 

Clyde  Digital  Systems 

Dialback 

Completed 

4-3d.l2 

Codercard,  Inc. 

CPP-300 

Completed 

4-3d.2 

Computer 

Private  Access 

Completed 

4-3d.l4 

Accessories,  Inc. 

Computer  Associates 

ACF2/MVS 

Completed 

4-3C.3 

International 

acf2/VM 

Completed 

4-3b.ll 

Top  Secret 

Completed 

4-3C.5 

Op  Sys  ADD-ON  PACKAGE 

VAP 

4-2a.l 

Computer  Security 

Citadel 

Completed 

4-3d.l3 

Corporation 

Sentinel 

Completed 

4-3d.7 

4-A.l 


Vendor 

Product/Product  Type 

Evaluation 

Status 

Page 

Concurrent  Computer 
Corporation 

OS-32 

Formal 

4-3a.8 

Control  Data 

Corporation 

NOS 

Completed 

4-3b.5 

Convex  Computer  Corp. 

Convex  Unix 

DAP 

4-2b.l 

Cortana  Systems  Corp. 

PC  Security 

Completed 

4-3d.l0 

Cray  Research  Inc. 

Network  Component 

VAP 

4-2a.2 

Data  General  Corp 

AOS/ VS 

Completed 

4-3b.21 

Digital  Equipment 
Corporation 

VAX/VMS  4.3 

ULTRIX  1.0 

SE-VMS 

Complete  RAMP 
DAP 

DAP 

4-3f.l 

4-2b.l 

4-2b.2 

Enigma  Logic.,  Inc 

Safeword 

Completed 

4-3d.6 

E-X-E  Software  Security 

OnGuard 

Completed 

4-3d.26 

Eyedentify  International 
Systems  Corp. 

Eyedentify  Information  Security 
System  (EIS) 

Completed 

4-3d.29 

Fischer  International 

Watchdog 

Watchdog  Armor 

Completed 

Completed 

4-3d.3 

4-3d.31 

Gemini  Computers,  Inc. 

Gemini  Trusted  Network  Processor 

DAP 

4-2b.3 

Gordian  Systems,  Inc. 

Access  Key 

Completed 

4-3d.l 

Gould,  Inc.,  Computer 
Systems  Division 

UTX/32S 

Completed 

4-3b.7 

4-A.2 


Vendor 

Harris  Corporation 

Hewlett  Packard  Computer 
Systems  Div. 

Honeywell  Information 
Systems,  Inc. 

HFSI  Inc. 

International  Business 
Machines  Corp. 

IDENTIX  Corp. 

Infosafe  Corp. 

Infotron 

Informix 

Key  Concepts, Inc. 

Loral  Command  and 
Control  Systems 

Micronyx,  Inc. 

Oracle  Corporation 


Product/Product  Type 

cx/sx 

MPE  V/E 
HP-UX  BLS 

Multics 

SCOMP 

XTS-200 

MVS/RACF 
MVS/XA  with  RACF 
VM/SP  with  RACF 
MVS-ESA 

AIX  Compartmented  Mode 
Workstation 

Proprietary  Operating  System 

IDX-50 

X-LOCK-50 

INX  4400 

Database  Management  System 

SureKey 

MLS  100 

TriSpan 

Database  Management  System 


Evaluation 

Status 

Page 

DAP 

4-2b.l 

Completed 

4-3b.l9 

DAP 

4-2b.l 

Completed 

4-3b.3 

Completed 

4-3b.l 

Formal 

4-3a.3 

Completed 

4-3C.1 

Completed 

4-3b.l4 

Completed 

4-3b.30 

Completed 

4-3b.33 

DAP 

4-2h.l 

VAP 

4-2a.l 

Completed 

4-3d.9 

Completed 

4-3d,15 

Completed 

4-3d.l6 

VAP 

4-2a'.2 

Completed 

4-3d.8 

DAP 

4-2a.2 

Completed 

4-3d.20 

VAP 

4-2a.2 

4-A.3 


Evaluation 

Vendor 

Product/Product  Type 

Status 

Page 

Prime  Computer, Inc. 

Primos 

Completed 

4-3b.l7 

Pyramid  Development  Corp. 

PC/DACS 

Completed 

4-3d.24 

Secureware,  Inc. 

Compartmented  Mode 
Workstation  Plus 

Completed 

4-3b.40 

Security  Dynamics,  Inc. 

ACE 

Completed 

4-3d.5 

Security  Microsystems 
Incorporated 

LOCKIT  Professional  2.10 

Completed 

4-3d.33 

Sequent  Computer  Systems 

Unix  Operating  System 

VAP 

4-2a.l 

Silicon  Graphics  Inc. 

Unix  operating  system 

VAP 

4-2a.l 

Spectrum  Manufacturing,  Inc.  DPS  800/12 

Completed 

4-3d.ll 

Sun  Microsystems 
Federal,Inc. 

SunOS 

DAP 

4-2b.l 

Sytek,  Inc. 

PFX  Passport 

Completed 

4-3d.4 

Tandem  Computers  Inc. 

Guardian-90 

DAP 

4-2b.2 

Trusted  Information 

Trusted  XENIX 

Completed 

4-3b.38 

Systems,  Inc. 

Trusted  XENIX  running  on 
286/386  Clones 

DAP 

4-2b.l 

Unisys  Corp. 

A  Series 

Completed 

4-3b.9 

OS  1100 

Completed 

4-3b.27 

OS  1100/2200  Release  SB3R6 

Complete  RAMP 

4-3f.7 

Verdix  Corp. 

VSLAN  5.0 

Completed 

4.3e.l 

Wang  Laboratories.,  Inc. 

SVS/OS  CAP  1.0 

Completed 

4-3b.36 

MicroControl 

Completed 

4-3d.22 

SVS/OS  CAP  1.01 

Complete  RAMP 

4-3f.l0 

4-A.4 


4-B 

INDEX  OF  PRODUCTS  BY  LEVEL  OF  TRUST 


INDEX  OF  COMPLETED  AND  FORMAL  EVALUATIONS 

BY  LEVEL  OF  TRUST 


Subsystems: 


Vendor 

Product/Product  Type 

Evaluation 

Status 

Page 

ALC  Stealth  Group 

Tigersafe 

Completed 

4-3d.l8 

Tigersafe  3.03.1EN 

Completed 

4-3cl.27 

ASCI 

COMPSEC-II  Release  B3.1 

Completed 

4-3d.35 

Clyde  Digital  Systems 

Dialback 

Completed 

4-3d.l2 

Codercard,  Inc. 

CPP-300 

Completed 

4-3d.2 

Computer  Accessories,  Inc. 

Private  Access 

Completed 

4-3d.l4 

Computer  Security  Corp. 

Citadel 

Completed 

4-3d.l3 

Sentinel 

Completed 

4-3d.7 

Cortana  Systems  Corp. 

PC  Security 

Completed 

4-3d.l0 

Enigma  Logic,  Inc. 

Safeword 

Completed 

4-3d.6 

E-X-E  Software  Security 

OnGuard 

Completed 

4-3d.26 

Eyedentify  Inc. 

EIS 

Completed 

4-3d.29 

Fischerinternational 

Watchdog 

Completed 

4-3d.3 

Watchdog  Armor 

Completed 

4-3d.31 

Gordian  Systems,  Inc. 

Access  Key 

Completed 

4-3d.l 

IDENTIX  Corp. 

IDX-50 

Completed 

4-3d.9 

Infosafe  Corp. 

X-LOCK  50 

Completed 

4-3d.l5 

Infotron 

INX  4400 

Completed 

4-3d.l6 

Key  Concepts,  Inc. 

SureKey 

Completed 

4-3d.8 

Micronyx,  Inc. 

TriSpan 

Completed 

4-3d.20 

Pyramid  Development  Corp. 

PC/DACS 

Completed 

4-3d.24 

Security  Dynamics,  Inc. 

ACE 

Completed 

4-3d.5 

Security  Microsystems,  Inc. 

LOCKIT  Professional  2.10 

Completed 

4-3d.33 

Spectrum  Manufacturing,  Inc, 

•  DPS  800/12 

Completed 

4-3d.ll 

Sytek,  Inc. 

PEX  Passport 

Completed 

4-3d.4 

Wang  Laboratories 

MicroControl 

Completed 

4-3d.22 

4-B.l 


Cl: 


Vendor 

Product/Product  Type 

Evaluation 

Status 

Page 

International  Business 
Machines  Corp. 

MVS/RACF 

Completed 

4-3C.1 

C2: 

Computer  Associates 
International 

ACF2/MVS 

acf2/VM 

Top  Secret 

Completed 

Completed 

Completed 

4-3C.3 

4-3b.ll 

4-3C.5 

Concurrent  Computer  Corp. 

OS-32 

Formal 

4-3a.8 

Control  Data  Corporation 

NOS 

Completed 

4-3b.5 

Data  General  Corp. 

AOS/VS 

Completed 

4-3b.21 

Digital  Equipment  Corp. 

VAX/VMS  4.3 

Completed 

4-3f.l 

Gould,  Inc.,  Computer 
Systems  Division 

UTX/32S 

Completed 

4-3b.7 

Hewlett  Packard  Computer 
Systems  Division 

MPE  V/E 

Completed 

4-3b.l9 

International  Business 
Machines  Corp. 

MVS/XA  with  RACE 

VM/SP  with  RACE 

Completed 

Completed 

4-3b.l4 

4-3b.30 

Prime  Computer,  Inc. 

Primes 

Completed 

4-3b.l7 

Unisys  Corp. 

A  Series 

Completed 

4-3b.9 

Wang  Laboratories,  Inc. 

SVS/OS  CAP  1.0 

SVS/OS  CAP  1.01 

Completed 

Complete  RAMP 

4-3b.36 

4-3f.l0 

4-B.2 


Bl; 

Vendor 

American  Telephone  and 
Telegraph  Co. 

International  Business 
Machines  Corp. 

Secureware,  Inc. 

Unisys  Corp. 

B2; 

AT&T 

Unix  System  Laboratory  Inc. 

Honeywell  Information 
Systems,  Inc. 

Trusted  Information  Systems 

Verdix  Corp. 

B3; 

HFSI 


Product/Product  Type 

Evaluation 

Status 

Page 

System  V/MLS  Re:  1.1.2 
System  V/MLS  Re:  1.2.0 

Completed 

Complete  RAMP 

CO  CO 

MVS-ESA 

Completed 

4-3b.33 

Compartmented  Mode 
Workstation  Plus 

Completed 

4-3b.40 

OS  1100 

OS  1100/2200  Re:  SB3R6 

Completed 

Complete  RAMP 

4-3b.27 

4-3f.7 

Unix  System  V 

Release  4.1 

Formal 

4-3a.5 

Multics 

Completed 

4-3b.3 

Trusted  XENIX 

Completed 

4-3b.38 

Trusted  XENIX  running  on 
286/386  Clones 

DAP 

4-2b.l 

VSLAN  5.0 

Completed 

4-3e.l 

XTS-200 

Formal 

4-3a.3 

4-B.3 


Al: 


Evaluation 

Vendor 

Product/Product  Type 

Status 

Page 

Boeing  Aerospace 

SNS 

SNS  +  NM 

Completed 

DAP 

4-3e.5 

4-2b.3 

Honeywell  Information 
Systems,  Inc. 

SCOMP 

Completed 

4-3b.l 

4-B.4 


4-1 

CHANGES  TO  THE  EVALUATED  PRODUCTS  LIST 


CHANGES  TO  THE  EVALUATED  PRODUCTS  LIST 

Level 

Vendor  Product/Product  Type  of  Trust  Page 

Additional  Products  in  the  Vendor  Assistance  Phase: 

NONE 

Products  Transitioning  from  Vendor  Assistance  Phase  to  Design  Analysis  Phase: 

NONE 

Additional  Products  in  the  Design  Analysis  Phase: 

NONE 

Products  Transitioning  from  Design  Analysis  Phase  to  Formal  Evaluation  Phase: 
Concurrent  Computer  Corp.  OS-32  C2  4-3a.8 


4-1.1 


Level 

Vendor  Product/Product  Type  of  Trust 

Completed  Systems  Evaluations: 

NONE 

Completed  Subsystem  Evaluations: 

NONE 

Completed  RAMP  Evaluations: 

Wang  Laboratories,  Inc.  SVS/OS  CAP  1.01  C2 

Products  No  Longer  Under  Evaluation: 

Microsoft  Corporation  Proprietary  operating  system 


Page 


4-3f.l0 


4-1.2 


4-2 

PRODUCT  POINTS  OF  CONTACT  BY  PHASE  OF  EVALUATION 


4-2a 

PRODUCTS  IN  THE  VENDOR  ASSISTANCE  PHASE 


VENDOR  ASSISTANCE  PHASE  POTENTIAL  PRODUCTS  LIST 

POINTS  OF  CONTACT 


I.  Trusted  Systems  and  Operating  Systems  (UNIX-like  Systems) 


Vendor 

POC  and  # 

Product  Description 

Sequent  Computer 

Systems  Inc. 

David  Aucsmith 
(503)  578-4436 

Unix  based  Operating  System 

Silicon  Graphics  Inc. 

Linda  Jo  Dolny 
(415)  335-1021 

Unix  based  Operating  System 

II.  Trusted  Systems  and  Operating  Systems  (Proprietary  Systems) 

Vendor 

POC  and  # 

Product  Description 

International  Business 
Machines  Corp. 

Bill  Vance 
(914)  766-1900 

Proprietary  Operating  System 

Computer  Associates 
International 

Lynn  Grant 
(312)  714-7639 

Proprietary  Operating  System 

4-2a.l 


III.  Network  Systems  and  Network  Components 

Vendor  POC  and  ^  Product  Description 

Amdahl  Corporation  Bill  O’Connel  Network  Component 

(408)  746-6891 

Cray  Research,  Inc.  Paul  Falde  Network  Component 

(612)  683-5467 

IV.  Data  Base  Management  Systems 


Vendor 

POC  and  # 

Product  Description 

Informix 

Candice  Novbakhtian 

DBMS 

(415)  926-6776 

Oracle  Corporation 

Linda  Vetter 
(415)  506-6380 

RDBMS 

4.2a.2 


4-2b 

DESIGN  ANALYSIS  PHASE 


DESIGN  ANALYSIS  PHASE  POTENTIAL  EVALUATED  PRODUCTS  LIST 

POINTS  OF  CONTACT 


1.  Trusted  Systems  and  Operating  Systems  (UNIX-like  Systems) 


Vendor 

POC  and  # 

Product  and  Candidate  Division 

Addamax  Corp. 

Randall  J.  Sandone 
(217)  359-0700 

Compartmented  Mode  Workstation  -  B 

Amdahl  Corporation 

Bill  O’Connell 
(408)  746-6891 

UTS/MLS 

Convex  Computer  Corp 

Blair  Baker 
(214)  497-4536 

Convex  Unix  -  C 

Digital  Equipment 
Corporation 

Paul  T.  Cummings 
(508)  264-5026 

Compartmented  Mode  Workstation  -  B 
ULTRIX  1.0 

Harris  Corporation 

Wendell  Norton 
(305)  973-5201 

CX/SX  -  B1 

Hewlett  Packard 

Wayne  Caccamo 
(408)  447-4020 

HP-UX  B  Level  System  -  B 

International  Business 
Machines  Corp. 

Tom  Jackson 
(301)  240-7306 

AIX  Compartmented  Mode 
Workstation  -B 

Sun  Microsystems 

Larry  Baron 
(408)  276-3414 

Compartmented  Mode  Workstation  -B 
Sun- OS 

Trusted  Information 
Systems 

George  Mundy 
(301)  854-6889 

Trusted  XENIX 

Running  on  286/386  clones  -  B 

4-2b.l 


II.  Trusted  Systems  and  Operating  Systems  (Proprietary  Systems) 


Vendor 

POC  and  # 

Product  Description 

Digital  Equipment 

Dennis  McMann 

Security  Enhanced  VMS  -  C/B 

Corporation 

(508)  486-6579 

Tandem  Computers  Inc. 

William  J.  Buer 
(408)  725-6000 

Guardian-90  -  C 

4-2b.2 


III.  Network  Systems  and  Network  Components 


Vendor 

POC 

Product  and  Candidate  Division 

Boeing  Aerospace 

Ken  Takeuchi 
(202)  773-0628 

SNS  -f-NM  -■  A 

Gemini  Computers  Inc. 

Dr.  Tien  F.  Tao 
(408)  373-8500 

Gemini  Trusted  Network 

Processor  -A 

Loral  Command  and 
Control  Systems 

Larry  Megalo 
(719)  594-1012 

MLS  100  -  B 

IV.  Data  Base  Management  Systems 

Vendor  POC  and  #  Product  Description 

NONE 


4-2b.3 


4-2c 

PRODUCTS  IN  FORMAL  EVALUATION 


PRODUCTS  IN  FORMAL  EVALUATION 


Vendor 


POC  and  # 


XTS-200/STOP 
HFSI,  Inc. 

CSC-PB-90/003 

Unix  System  V  Release  4.1 
(Enhanced  Security) 

AT&T  Unix  System  Laboratory  Inc. 
CSC-PB-91/001 

OS-32 

Concurrent  Computer  Corporation 
CSC-PB-91/002 


Dr.  George  E.  Webber 
(703)  827-3639 


Jeanne  M.  Baccash 
(201)  522-6345 


Chris  Kirschman 
(908)  758-7000 


4-2C.1 


4-2d 

COMPLETED  EVALUATIONS  LISTING 


COMPLETED  EVALUATIONS 


ORDERING  INFORMATION: 

Single  copies  of  Final  Evaluation  Reports  may  be  obtained  by  calling  the  INFOSEC  Aware¬ 
ness  Division  at  (301)  766-8729,  or  by  sending  a  request  to: 


DIRECTOR 

National  Security  Agency 
ATTN:  X71 

Fort  George  G.  Meade  MD  20755-6000 


Final  Evaluation  Reports  may  also  be  obtained  through  NTIS  by  calling  (703)  487-4650,  or 
by  sending  a  request  to: 


U.S.  Department  of  Commerce 
NTIS 

5285  Port  Royal  Road 
Springfield,  VA  22161 


GENERAL-PURPOSE  OPERATING  SYSTEMS: 

Level 

System  Name  Trust  POC  and  ^ 


Secure  Communications  Processor  (SCOMP) 
STOP  Release  2.1 

Honeywell  Information  Systems  (HIS) 

GPO  #:  008-000-00438-2 

NTIS  #:  AD-A166-895 

NCSC  Final  Report  #:  CSC-EPL-85/001 

Multics 

MRll.O 

Honeywell  Information  Systems  (HIS) 


Chuck  Bonneau 
(703)  827-3346 


Gary  Kaiser 
(602)  862-4634 


NTIS  #: 

NCSC  Final  Report  #: 


TBD 

CSC-EPL-85/003 


GENERAL-PURPOSE  OPERATING  SYSTEMS  (Continued): 


System  Name 


Level 

of  Trust  POC  and  # 


Network  Operating  System  (NOS) 
Security  Evaluation  Package  Version  2.2 
Control  Data  Corporation  (CDC) 


C2  Paul  Smith 

(612)  482-2776 


NTIS  #:  AD-A208-003 

NCSC  Final  Report  #:  CSC-EPL-86/003 

UTX/32S  C2 

Release  1.0 

Gould,  Inc.,  Computer  Systems  Division 

NTIS  #:  AD-A208-006 

NCSC  Final  Report  #:  CSC-EPL-86/007 

A  Series  MCP/AS  with  InfoGuard  Security  C2 
Enhancement,  Release  3.7 
UNISYS  Corporation 


Tom  Latterner 
(301)  220-3400 


Jeffrey  S.  Bell 
(215)  986-6864 


NTIS  #:  AD-A221-812 

NCSC  Final  Report  #:  CSC-EPL-87/003 

Access  Control  Facility  2  (acf2)  C2 

Release  3.1 

Computer  Associates  International 


John  Haggard 
(312)  714-7604 


NTIS  #:  AD-A207-926 

NCSC  Final  Report  #:  CSC-EPL-87/007 


4-2d.2 


GENERAL-PURPOSE  OPERATING  SYSTEMS  (Continued): 


System  Name 

MVS/XA  with  RACE 
Version  1.8 
IBM  Corporation 

NTIS  #:  TBD 

NCSC  Final  Report  CSC-EPL-88/003 

Primos 

Revision  2. 1.0.1  DODC2A 
Prime  Computer,  Inc. 

NTIS  #:  TBD 

NCSC  Final  Report  #:  CSC-EPL-88/009 

MPE  V/E 

Release  G.03.04  with  patch  AV92 
Hewlett  Packard  Company 


Level 
of  Trust 

C2 


C2 


C2 


NTIS  #; 

NCSC  Final  Report  #; 

AOS/VS  Rev.  7.60 
Data  General  Corp. 

NTIS  #: 

NCSC  Final  Report  #: 


TBD 

CSC-EPL-88/0010 

C2 


TBD 

CSC-EPL-89/001 

B1 


System  V/MLSj 
Release  1.1 

American  Telephone  and  Telegraph  (AT&T) 


NTIS  #:  TBD 

NCSC  Final  Report  CSC-EPL-89/003 


POC  and  # 

David  M.  Frayne 
(914)  288-2612 


John  Jones 

(508)  620-2800ext  4188 


Jim  Schindler 
(408)  725-8900 


Rick  Strom 
(508)  898-4382 


William  Leighton 
(201)  386-7049 


4-2d.3 


GENERAL-PURPOSE  OPERATING  SYSTEMS  (Continued): 


System  Name 

Level 
of  Trust 

POC  and  # 

OS  1100 

UNISYS  Corp. 

C2 

Alan  C.  Roochvarg 
(215)  986-5209 

NTIS  #: 

NCSC  Final  Report  #: 

TBD 

CSC-EPL-89/004 

IBM  VM/SP  with  RACE 

International  Business  Machines 

C2 

David  M.  Frayne 
(914)  288-2612 

NTIS  #: 

NCSC  Final  Report  #: 

TBD 

CSC-EPL-89/005 

VSLAN  5.0 

Verdix  Corporation 

B2 

Gaurang  G.  Shah 
(914)  378-7600 

NTIS  #: 

NCSC  Final  Report#: 

TBD 

CSC-EPL-90/001 

IBM  MVS/ESA 

International  Business  Machines 

B1 

Peter  Calloway 
(914)432-1504 

NTIS  #: 

NCSC  Final  Report  #: 

TBD 

CSC-EPL- 90/002 

SVSi/OS  CAP  1.0 

Wang  Laboratories,  Inc. 

C2 

Steve  Kane 
(508)459-5000 

NTIS  #: 

NCSC  Final  Report  #: 

TBD 

CSC-EPL- 90/004 

Trusted  XENIX  Version  1.1 

Trusted  Information  Systems,  Inc. 

B2 

Russ  Munday 
(301)  852-6885 

NTIS  #: 

NCSC  Final  Report  #: 

TBD 

CSC-EPL-91/001 

4-2d.4 


GENERAL-PURPOSE  OPERATING  SYSTEMS  (Continued): 


Level 

System  Name  of  Trust  POC  and  # 

Compartmented  Mode  Workstation  Plus  B1  Michael  C.  McChesney 

SecureWare  Inc.  (404)  876-4840 

NTIS  #:  TBD 

NCSC  Final  Report  #:  CSC-EPL-91/002 


4-2d.5 


ADD-ON  PACKAGES: 


System  Name 

Resource  Access  Control  Facility  (RACF) 
Version  1  Release  5 

International  Business  Machines  (IBM) 

NTIS  #:  AD-A150-625 

NCSC  Final  Report  #:  CSC-EPL-84/001 

Access  Control  Facility  2  (ACF2) 

Release  3.1.3 

SKK,  Inc. 

NTIS  #:  AD-A150-234 

NCSC  Final  Report  #:  CSC-EPL-84/002 

Top  Secret 
Version  3.0 

CGA  Software  Products  Group 


Level 

of  Trust  POC  and  # 

Cl  David  M.  Frayne 

(914)  288-2612 


C2  Computer  Associates 

John  Haggard 
(312)  714-7604 


C2  Computer  Associates 

John  Haggard 
(312)  714-7604 


NTIS  #:  AD-A157-600 

NCSC  Final  Report  #;  CSC-EPL-85/002 


4-2d.6 


SUBSYSTEMS: 


Level 

System  Name  of  Trust 

Gordian  Systems  Access  Key 
Release  Version  A. 00 

Gordian  Systems 

NTIS  #:  AD-A170-814 

NCSC  Final  Report  #:  CSC-EPL-86/001 

Codercard  CPP-300  Port  Protector 
CPP-300 

Codercard  Inc. 


NTIS  #:  AD-A170-542 

NCSC  Final  Report  #:  CSC-EPL-86/002 


Watchdog  PC  Data  Security 
Version  4.1 

Fischer  International 


NTIS  #:  AD-A208-005 

NCSC  Final  Report  #:  CSC-EPL-86/005 


Sytek  PFX  Racal-Guardata 

A2000/A2100 

Sytek 

NTIS  #:  AD-A208-048 

NCSC  Final  Report  #:  CSC-EPL-86/006 


Access  Control  Encryption  (ACE)  System 
1986  16  port  hardware  version 
Security  Dynamics,  Inc. 


NTIS  #:  AD-A221-814 

NCSC  Final  Report  #:  CSC-EPL-87/001 


POC  and  # 

Thumbscan 
Peter  Dignan 
(312)  954-2336 


Robert  Gray 
(714)  557-3444 


Deborah  Peterson 
(800)  237-4510 


Robert  S.  DiNatale 
(212)  551-1443 


David  Hammond 
(617)  547-7820 


4-2d.7 


SUBSYSTEMS  (Continued): 

Level 

System  Name  of  Trust 

Safeword  UNIX-Safe 
Version  3.1 

Enigma  Logic,  Inc. 

NTIS  #:  AD-A221-811 

NCSC  Final  Report  #:  CSC-EPL-87/002 

Sentinel 
Version  3.13 

Computer  Security  Corporation 
NTIS  #: 

NCSC  Final  Report 

Triad  Plus 
Version  1.3 

Micronyx,  Inc. 

NTIS  #: 

NCSC  Final  Report 

SureKey 
Key  Concepts,  Inc. 

NTIS  #: 

NCSC  Final  Report 

IDX-50 
Version  7 
IDENTIX,  Inc. 

NTIS#: 

NCSC  Final  Report  #: 


AD-A221-813 

CSC-EPL-87/004 


AD-A208-002 

CSC-EPL-87/006 


AD-A208-030 

CSC-EPL-87/008 


AD-A208-008 

CSC-EPL-88/001 


POC  and  # 

Robert  Bosen 
(415)  827-5707 


Polaris,  Inc. 
Don  Pfister 
(703)  845-5600 


Mark  Goode 
(214)  690-0595 


Edward  Levy 
(219)  234-0069 


Linda  Rolandol 
(202)  244-2980 


4-2d.8 


SUBSYSTEMS  (Continued): 


System  Name 

Level 

of  Trust  POC  and 

Cortana  Personal  Computer  Security  System 
Version  1.21 

Cortana  Systems  Corporation 

Computer  Associates 
Kimberly  Bell 
(516)  227-3300 

NTIS  #: 

NCSC  Final  Report 

AD-A208-047 

CSC-EPL-88/002 

DPS-800/12 

Spectrum  Manufacturing,  Inc. 

Clint  Rogers 
(203)  786-5200 

NTIS  #: 

NCSC  Final  Report  #: 

AD-A208-029 

CSC-EPL-88/004 

DIALBACK 

Version  1.5 

Clyde  Digitial  Systems 

Jerry  Cox 
(301)  760-2822 

NTIS  #: 

NCSC  Final  Report 

TBD 

CSC-EPL-88/005 

Citadel  Security  Subsystem 

Computer  Security  Corporation 

NTIS  #:  TBD 

NCSC  Final  Report  #:  CSC-EPL-88/006 

Polaris,  Inc. 

Don  Pfister 
(703)  845-5600) 

Private  Access 

Model  L20 

Computer  Accessories,  Inc. 

Alyssa  Levinson 
(619)  457-5500 

NTIS  #: 

NCSC  Final  Report 

TBD 

CSC-EPL-88/007 

4-2d.9 


SUBSYSTEMS  (Continued): 


Level 


System  Name 

of  Trust 

POC  and  # 

X-Lock-50 

Infosafe  Corporation 

A.  H.  Jorgensen 
(404)  491-8044 

NTIS  #: 

NCSC  Final  Report  #: 

TBD 

CSC-EPL-88/008 

INX-4400 

INFOTRON  Inc 

I&A  /  D 

Dennis  Biederman 
(703)  790-3500 

NTIS  #: 

NCSC  Final  Report  #: 

TBD 

CSC-EPL-89/002 

Tigersafe 

ALC  Stealth  Group 

I&A/  D 
OR  /  D 

Robert  M.  Wainwright 
(619)  437-4419 

NTIS  #: 

NCSC  Final  Report 

TBD 

CSC-EPL-89/006 

TriSpan 

Micronyx,  Inc. 

NTIS  #: 

NCSC  Final  Report#: 

TBD 

CSC-EPL-89/007 

I&A  /  D 
DAC  /  D 
AUD  /  D 

Mark  Goode 
(214)  690-0595 

MicroControl 

Wang  Laboratories 

NTIS  #: 

NCSC  Final  Report  #: 

TBD 

CSC-EPL-89/008 

I&A  /  D 
DAC  /  D 
AUD  /  D 

Eileen  Smith 
(508)  967-4275 

4-2d.l0 


SUBSYSTEMS  (Continued): 


System  Name 


Level 
of  Trust 


PC/DACS 

Pyramid  Development  Corp. 


NTIS  #:  TBD 

NCSC  Final  Report  #:  CSC-EPL-89-009 


OnGuard 

E-X-E  Software  Security  Inc. 


NTIS  #: 

NCSC  Final  Report  #: 

Tigersafe  3.03.1EN 
ALC  Group 

NTIS  #: 

NCSC  Final  Report  #: 


TBD 

CSC-EPL-89/010 


TBD 

CSC-EPL-90/005 


Eyedentify  Information  Security  System 
Eyedentify  Incorporated 


NTIS  #:  TBD 

NCSC  Final  Report  #:  CSC-EPL-90/006 


WATCHDOG  Armor 

Fischer  International  Systems  Corp 


NTIS  #:  TBD 

NCSC  Final  Report  #:  CSC-EPL-90/007 


I&A  /  D 
DAC  /  D 
AUD  /  D 
OR  /D 


I&A  /  D1 
DAC  /D1 


I&A/D 

OR/D 


I&A/Dl 


I&A/D2 

DAC/D2 

AUD/D2 

OR/D 


POC  and  # 

Todd  G.  Sun 
(203)  953-9832 


Stephen  Hicks 
(703)  556-0007 


Robert  M.  Wainwright 
(619)790-3500 


Steve  Flego 
(503)645-6666 


Paul  Palmer 
(800)237-4510 


4-2d.ll 


SUBSYSTEMS  (Continued): 

Level 

System  Name  of  Trust 

LOCKIT  Professional  2.10 

Security  Microsystems  Incorporated 

NTIS  #:  TBD 

NCSC  Final  Report  #:  CSC-EPL-91/001 

COMPSEC  II 

American  Computer  Security  Industries  Inc. 

NTIS  #:  TBD 

NCSC  Final  Report  #:  CSC-EPL-91/002 


POC  and  # 

Ralph  C.  J.  Ferrara 
(800)  345-7390 


Wynn  Schwartau 
(615)  883-6741 


4-2d.l2 


NETWORK  COMPONENTS 


System  Name 


MLS  LAN  Secure  Network  Server  System 
Boeing  Aerospace 


NTIS  #:  TBD 

NCSC  Final  Reort  #:  CSC-EPL-91/005 


Level 
of  Trust 


POC  and  # 

Ken  Takeuchi 
(202)  773-0628 


4-2d.l3 


4-2e 

PRODUCTS  IN  RATING  MAINTENANCE  PHASE 


RATING  MAINTENANCE  PRODUCTS 
POINTS  OF  CONTACT 


System  Name 


Level 

of  Trust  POC  and 


VAX/VMS  Version  4.3  C2 

with  September  Systems  Dispatch 

article  95.5.8,  V4  Security  Update  and  accompanying  letter 
Digital  Equipment  Corporation  (DEC) 

NTIS  #:  AD-A208-004 

NCSC  Final  Report  #:  CSC-EPL-86/004 

System  V/MLS  Release  1.2.0  B1 

American  Telephone  and 
Telegraph  Company 

NTIS  #:  TBD 

NCSC  Final  Report  #:  CSC-EPL-90/003 

OS  1100/2200  Release  SB3R6  B1 

Unisys  Corporation 

NTIS  #: 

NCSC  Final  Report  #: 

SVS/OS  CAP  1.01 

Wang  Laboratories,  Inc. 

NTIS  #: 

NCSC  Final  Report 


TBD 

TBD 


TBD 

TBD 


C2 


Dennis  McMann 
(508)  486-6579 


William  J.  Leighton  II 
(201)  386-3000 


James  L.  Murtaugh 
(612)  635-7777 


Gaetano  T.  Gangemi 
(508)  459-5000 


4-2e.l 
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EPL  ENTRIES 


4-3a 

PRODUCT  BULLETIN  ENTRIES 


PRODUCT  EVALUATION  BULLETIN 


REPORT  NO. 

AS  OF: 

PRODUCT: 

VENDOR: 

CANDIDATE  CLASS: 


CSC-PB-88/003 

14  Sept.  1988 

Boeing  MLS  LAN 

Boeing  Aerospace 

A1  MI  Network  Component 


PRODUCT  DESCRIPTION: 

Boeing  Aerospace’s  Multi-Level  Secure  Local  Area  Network  (MLS  LAN)  is  a  network  compo¬ 
nent  providing  multilevel  secure  communications  between  attached  devices.  These  devices 
include,  for  this  evaluation,  terminals,  host  computers,  serial  devices,  video  devices,  and 
stream  devices.  Within  limits,  a  site  is  free  to  choose  how  many  of  each  type  of  device  to 
attach. 

The  NCSC  considers  that  the  Boeing  MLS  LAN  is  a  candidate  for  Al  MI  network  com¬ 
ponent  and  is  capable  (when  properly  supported  by  a  special  Network  Management  node 
and  attached  devices)  of  supporting  a  network  system  with  Mandatory  Access  Control,  Dis¬ 
cretionary  Access  Control,  Identifivcation  and  Authentication,  and  Auditing  commensurate 
with  the  Al  requirements. 

The  MLS  LAN  consists  of  a  set  of  one  or  more  nodes  called  Secure  Network  Servers  (SNSs). 
Each  SNS  may  support  physical  interfaces  for  terminals,  host  computers,  serial  devices, 
video  devices,  or  stream  devices.  A  group  of  SNSs  may  be  connected  to  one  another  by  a 
transmission  medium  (either  fiber  optic  or  coaxial  cable),  enabling  devices  on  separate  SNSs 
to  communicate.  The  SNS  provides  the  following  services: 

1)  host-to-host  communication 

2)  terminal-to-host  communication 

3)  terminal-to-terminal  communication 

4)  terminal/host-to-serial-device  communication 

5)  video  and  stream  circuit-switched  communication 

Host-to-host  communication  is  supported  by  TELNET,  Transmission  Control  Protocol  (TCP), 
and  User  Datagram  Protocol  (UDP)  service.  Terminals  may  communicate  with  hosts  and  se¬ 
rial  devices  through  TELNET  and  with  other  terminals  through  an  Inter- Terminal  Message 
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service.  Serial  devices  are  supported  with  TELNET  service.  Video  and  stream  circuit¬ 
switching  is  controlled  through  the  terminal  interface.  All  of  these  communications  services 
are  governed  by  a  mandatory  security  policy.  The  MLS  LAN  maintains  sensitivity  labels  for 
devices  and  data  that  include  both  secrecy  and  integrity  components  at  the  granularity  of  8 
hierarchical  levels  and  256  non-hierarchical  categories.  In  addition,  the  MLS  LAN  requires 
all  network  terminal  users  to  identify  and  authenticate  before  allowing  them  to  use  any 
netwotk  resources.  End-to-end  user  identity  and  network  addresses  are  provided  to  hosts. 

PRODUCT  STATUS: 

The  MLS  LAN  is  developed  and  supported  by  Boeing  Aerospace,  a  division  of  The  Boeing 
Company. 

SECURITY  EVALUATION  STATUS: 

A  formal  evaluation  of  the  MLS  LAN  will  commence  in  October  1988  and  is  scheduled  for 
completion  in  1991.  At  the  completion  of  the  formal  evaluation,  the  National  Computer 
Security  Centerv  will  produce  a  final  evaluation  report,  and  place  the  MLS  LAN  on  the 
Evaluated  Products  List.  The  MLS  LAN  will  be  evaluated  against  Appendix  A  of  the 
Trusted  Network  Interpretation  of  the  Trusted  Computer  System  Evaluation  Criteria,  as  a 
candidate  Al-MI  network  component.  It  can  potentially  be  incorporated  into  a  network 
system  that  can  meet  the  TNI  part  1  requirements  for  class  Al. 

A  Product  Bulletin  does  not  assign  any  rating  to  a  product.  It  merely  establishes  the 
candidate  class  which  is  the  highest  class  the  system  could  attain  should  formal  evaluation 
be  completed.  As  with  all  evaluations,  a  system  must  complete  the  formal  evaluation  phase 
before  being  assigned  any  rating. 
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PRODUCT  EVALUATION  BULLETIN 
REPORT  NO.  CSC-PB-90/003 

AS  OF:  13  June  1990 

PRODUCT:  XTS-200  VSTOP 

VENDOR:  Honeywell  Federal  Systems  Inc.  (HFSI) 

CANDIDATE  CLASS:  B3 

PRODUCT  DESCRIPTION: 

The  XTS-200  is  a  superminicomputer,  based  on  the  Bull  HN  Information  Systems  Inc.  DPS 
6  PLUS  and  DPS  6000.  STOP  is  a  multi-level  secure  operating  system  that  runs  on  the 
XTS-200  hardware.  The  XTS-200  is  a  multiprocessing  system  capable  of  supporting  up  to 
four  independent  processors.  It  provides  a  two  gigabyte  virtual  memory,  and  uses  a  hardware 
ring  mechanism  for  protection.  STOP  is  a  multi-tasking  system  which  can  support  multiple 
users.  It  supports  much  of  the  UNIX  System  V  interface  for  application  software. 

STOP  consists  of  four  components:  the  Security  Kernel,  which  operates  in  the  most  priv¬ 
ileged  ring  and  provides  all  mandatory  access  control,  as  well  as  discretionary  access  con¬ 
trol  for  devices  and  processes;  the  TCB  System  Services,  which  operates  in  the  next-most- 
privileged  ring,  and  implements  a  hierarchical  file  system,  supports  user  I/O,  and  implements 
the  discretionary  access  control  for  file  system  objects;  Trusted  Processes,  which  provide  the 
remaining  security  services  and  the  user  command  interface  to  the  TCB;  and  Commodity 
Application  Services  System  (CASS),  which  operates  in  a  less  privileged  ring  and  provides 
the  UNIX-like  interface.  CASS  is  not  a  part  of  the  Trusted  Computing  Base. 

PRODUCT  STATUS: 

XTS-200  uses  the  DPS  6  PLUS  and  DPS  6000  hardware,  with  firmware  modifications  de¬ 
veloped  by  HFSI.  STOP  was  developed  by  HFSI.  XTS-200/STOP  and  is  marketed  and 
supported  by  HFSI.  STOP  Version  3.1  was  released  in  September  1989. 

EVALUATION  STATUS: 

A  formal  evaluation  of  XTS-200/STOP  began  in  duly  1990  and  is  scheduled  for  completion 
during  the  third  quarter  of  1991.  XTS-200/STOP  will  be  evaluated  against  the  DoD  Trusted 
Computer  System  Evaluation  Criteria,  DoD  5200.28-STD,  December  1985. 

The  National  Computer  Security  Center  considers  XTS-200/STOP  a  candidate  for  the  class 
of  products  which  provide  security  domains  (i.e.,  class  B3).  At  the  completion  of  the  evalu¬ 
ation,  a  final  evaluation  report  will  be  produced  by  the  National  Computer  Security  Center 
and  XTS-200 /STOP  will  be  placed  on  the  Evaluated  Products  List  with  its  assigned  rating. 

^XTS-200  is  a  registered  trademark  of  Honeywell  Federal  Systems  Inc. 
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A  Product  Bulletin  does  not  assign  any  rating  to  a  product.  It  merely  establishes  the 
candidate  class  which  is  the  highest  class  the  system  could  attain  should  the  formal  evaluation 
be  completed.  As  with  all  evaluations,  a  system  must  complete  the  formal  evaluation  phase 
before  being  assigned  any  rating. 

ENVIRONMENTAL  STRENGTHS: 

XTS-200/STOP  is  designed  to  provide  a  high  level  of  security  for  many  kinds  of  environ¬ 
ments,  including  office  automation  applications  and  those  with  specialized  applications  (such 
as  message  guards).  The  processor  enforces  a  ring  mechanism  similar  to  that  found  in  the 
Hone3rwell  Multics  system,  that  isolates  the  security  mechanisms,  and  a  virtual  memory 
system  based  on  segments.  The  system  also  supports  a  hierarchical  file  system  similar  to 
that  of  UNIX.  Access  control  is  provided  by  user-specified  controls  (i.e.,  discretionary  access 
controls)  through  access  control  lists,  with  additional  controls  provided  to  properly  separate 
sensitive  information  from  unauthorized  users  (i.e.,  mandatory  access  controls).  It  provides 
for  user  identification  and  authentication  through  user  IDs  and  passwords,  and  individual 
accountability  through  its  auditing  capability. 
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PRODUCT  EVALUATION  BULLETIN 

REPORT  NO.  CSC-PB-91/001 

AS  OF;  15  March  1991 

PRODUCT:  Unix  System  V  Release  4.1 

Enhanced  Security 

VENDOR:  AT&T  Unix  System  Laboratory  Inc. 

CANDIDATE  CLASS:  B2 

PRODUCT  DESCRIPTION: 

AT&T  UNIX  System  Laboratories’  UNIX  System  V  Release  4.1  Enhanced  Security,  (here¬ 
after  referred  to  as  SVR4.1ES)  is  a  multi-level  secure  version  of  UNIX  System  V  for  the 
AT&T  3B2/1000  Model  60  minicomputer.  This  multi-user,  multi-tasking  operating  system, 
based  on  UNIX  System  V  Release  4.0,  maintains  System  V  application  compatibility,  pro¬ 
vides  BSD  and  Xenix  compatibility,  is  compatible  with  the  System  V  Application  Binary 
Interface  (ABI)  and  the  System  V  Interface  Definition  (SVID),  passes  the  System  V  Ver¬ 
ification  Suite  (SVVS).  Applications  are  source  and  binary  code  compatible  with  existing 
programs,  provided  those  programs  do  not  require  modifications  to  the  SVR4.1ES  Trusted 
Computing  Base  (TCB)  or  violate  the  system  security  policy.  Additionally,  SVR4.1ES  con¬ 
forms  to  the  XPG3,  IEEE-P1003.1,  FIPS151-1,  and  ANSI  C  standards. 

In  addition  to  using  the  traditional  protection  mechanism  of  the  UNIX  operating  system  to 
provide  discretionary  access  control,  SVR4.1ES  also  provides  extended  discretionary  access 
controls  through  the  use  of  access  control  lists  (ACLs)  which  provide  users  a  mechanism 
to  provide  different  types  of  access  for  each  user  or  group  with  allowed  access.  In  addition 
to  this  discretionary  access  mechanism,  SVR4.1ES  provides  mandatory  access  controls  to 
limit  the  distribution  of  information  to  only  those  users  who  have  been  authorized  for  it. 
The  mandatory  security  policy  is  consistent  with  the  Bell-LaPadula  model  and  conforms 
with  DoD  policy.  SVR4.1ES  provides  a  flexible  labeling  scheme  that  supports  up  to  246  site 
selectable  hierarchical  classification  levels  and  992  nonhierarchical  categories. 

The  administrator  has  the  capability  to  restrict  users  and  login  ports  to  selectable  classifi¬ 
cation  ranges.  A  multi-level  mail  capability  allows  users  to  communicate  with  each  other  at 
classifications  defined  by  the  administrator.  SVR4.1ES  enforces  a  security  policy  that  pre¬ 
vents  both  the  unauthorized  declassification  of  information  and  unauthorized  modification 
of  trusted  code. 


4-3a.5 


SVR4.1ES  provides  considerable  assurance  that  the  system  security  features  work  as  spec¬ 
ified.  Significant  effort  has  been  applied  to  the  UNIX  System  V  to  create  a  structured, 
modular,  secure  system.  Commands  have  been  added  to  provide  security  features,  and  all 
commands  execute  with  the  minimum  privilege. 

SVR4.1ES  also  provides  some  features  and  assurances  beyond  those  required  for  a  class  B2 
system.  These  include  the  use  of  ACLs  to  enforce  discretionary  access  controls  and  a  covert 
channel  analysis  which  provides  a  thorough  search  for  all  covert  channels.  All  of  the  security 
features  and  assurances  designed  into  SVR4.1ES  will  be  evaluated  by  the  Trusted  Product 
and  Network  Security  Evaluation  Team. 

PRODUCT  STATUS: 

SVR4.1ES  is  developed,  marketed  and  supported  by  UNIX  System  Laboratories  Incorpo¬ 
rated.  The  supporting  3B2/1000  Model  60  hardware  is  developed  and  manufactured  by  the 
American  Telegraph  and  Telephone  Corporation.  SVR4.1ES  is  an  enhancement  to  UNIX 
System  V  Release  4.0,  which  is  currently  marketed.  The  evaluated  SVR4.1ES  is  projected 
to  be  available  in  December  1992. 

SECURITY  EVALUATION  STATUS: 

A  formal  evaluation  of  SVR4.1ES  will  begin  in  March  1991  and  is  scheduled  for  completion 
in  December  1992.  SVR4.1ES  will  be  evaluated  against  the  Department  of  Defense  Trusted 
Computer  System  Evaluation  Criteria,  DOD  5200.28-STD,  December  1985. 

The  Trusted  Product  and  Network  Security  Division  of  the  National  Security  Agency  consid¬ 
ers  SVR4.1ES  a  candidate  for  the  class  of  products  which  provide  labeled  security  protection 
(i.e.,  class  B2).  At  the  completion  of  the  evaluation,  a  final  evaluation  report  will  be  pro¬ 
duced  by  the  Trusted  Product  and  Network  Security  Division  and  SVR4.1ES  will  be  placed 
on  the  Evaluated  Products  List  (EPL). 

A  Product  Bulletin  does  not  assign  any  rating  to  a  product.  It  establishes  the  candidate  class 
which  is  the  highest  class  the  system  could  attain  should  the  formal  evaluation  be  completed. 
As  with  all  evaluations,  a  system  must  complete  the  formal  evaluation  phase  before  being 
assigned  any  rating. 

ENVIRONMENTAL  STRENGTHS: 

SVR4.1ES  provides  isolation  of  the  operating  system  through  its  use  of  the  3B2/1000  hard¬ 
ware  protection  mechanisms.  The  hardware  supports  the  two  states  of  the  operating  system, 
which  are  kernel  and  user  level.  Kernel  level  is  a  privileged  level  of  operation  whereby  the 
operating  system  can  protect  itself  from  user  intervention.  A  specific  user  interface  is  pro¬ 
vided  into  the  kernel,  so  that  operating  system  services  are  available  to  user-level  application 
programs.  All  memory  access  is  at  the  kernel  level  and  mandatory  as  well  as  discretionary 
access  controls  are  in  force. 

Process  isolation  is  guaranteed  by  the  use  of  per-process  virtual  address  space,  memory 
structures  unique  to  a  process  and  the  concept  of  an  active  process  which  has  access  to 
controlled  kernel  resources. 
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SVR4.1ES  provides  an  auditing  facility  to  ensure  user  accountability.  All  security-relevant 
events  are  auditable.  This  facility  includes  collection,  reduction,  backup,  and  data  recovery 
capabilities. 

Identification  and  authentication  is  accomplished  by  the  trusted  login  facilities.  This  mecha¬ 
nism  provides  for  user  identification  and  authentication,  and  the  specification  of  classification 
level  and  categories  which  determine  access  to  the  system  itself  as  well  as  to  application  re¬ 
sources.  Information  about  the  users  (user  profiles)  is  stored  in  a  protected  database  in 
SVR4.1ES. 

The  system  also  enforces  the  principle  of  least  privilege  for  each  of  the  defined  privileged  user 
roles  (i.e.,  users  should  have  no  more  authorization  than  what  is  required  to  perform  their 
functions).  The  privileged  users  are  assigned  to  one  of  the  following  roles:  System  Adminis¬ 
trator  and  Trusted  System  Programmer.  Additionally,  separate  roles  can  be  supported  for 
individuals  who  require  a  limited  trusted  role.  This  separation  is  achieved  by  strictly  limiting 
role  activity  to  predefined  operations.  In  addition,  all  security-relevant  actions  performed  by 
privileged  users  will  be  audited. 
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PRODUCT  EVALUATION  BULLETIN 


REPORT  NO.  CSC-PB-91/002 

AS  OF:  12  Feruary  1991 

PRODUCT:  OS/32  and  OS/32  MTM 

VENDOR:  Concurrent  Computer  Corp. 

CANDIDATE  CLASS:  C2 


PRODUCT  DESCRIPTION: 

OS/32  is  Concurrent’s  microsecond  responsive  real-time  operating  system  that  runs  on  all  of 
its  single  and  multiprocessing  Series  3200  systems  and  8/32  systems.  OS/32  Multi-Terminal 
Monitor  (OS/32  MTM)  is  Concurrent’s  timesharing  and  program  development  environment 
that  runs  on  OS/32.  Together  they  provide  a  trusted  development  and  real-time  environment 
for  small  scale  dedicated  systems  to  large  scale  multiprocessing  systems.  These  products  will 
be  evaluated  on  Concurrent’s  3280SP,  3280MPS,  3280EMPS,  and  all  members  of  Concur¬ 
rent’s  Micro3200  family. 

PRODUCT  STATUS: 

OS/32  and  OS/32  MTM  are  developed,  marketed  and  supported  by  Concurrent  Computer 
Corporation. 

SECURITY  EVALUATION  STATUS: 

A  formal  evaluation  of  OS/32  and  OS/32  MTM  commenced  in  March  1991  and  is  scheduled 
for  completion  by  the  end  of  the  third  calendar  quarter  of  1991.  OS/32  and  OS/32  MTM 
are  being  evaluated  against  the  DoD  Trusted  Computer  Systems  Evaluation  Criteria,  DoD 
5200.28-STD,  dated  December,  1985. 

The  National  Computer  Security  Center  considers  OS/32  and  OS/32  MTM  a  candidate  for 
the  class  of  products  which  provide  controlled  access  protection  (i.e.,  C2).  Upon  completion 
of  the  evaluation,  a  final  evaluation  report  will  be  produced  by  the  National  Computer 
Security  Center  in  which  OS/32  and  OS/32  MTM  will  be  place  on  the  Evaluated  Products 
List  (EPL). 

A  Product  Bulletin  does  not  assign  any  rating  to  a  product.  It  establishes  the  candidate  class 
which  is  the  highest  class  the  system  could  attain  should  the  formal  evaluation  be  completed. 
As  with  all  evaluations,  a  system  must  complete  the  formal  evaluation  phase  before  being 
assigned  any  rating. 
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ENVIRONMENTAL  STRENGTHS: 

OS/32  and  OS/32  MTM  provide  discretionary  access  control  to  its  file  system  via  read  and 
write  privileges  to  user  accounts,  thereby  maintaining  control  over  the  dissemination  and  in¬ 
tegrity  of  individual’s  files.  In  addition,  Concurrent’s  restricted  disks  capability  limits  access 
to  selected  disks  to  users  only  with  appropriate  access  privileges.  The  system  administrator 
can  go  one  step  further  by  ’’cloaking”  certain  devices  from  selected  users,  thereby  preventing 
the  user  from  accessing  or  even  knowing  that  a  given  device  is  available. 

OS/32  and  OS/32  MTM  also  provide  user  identification  and  authentication  through  user 
account  numbers  and  passwords.  Tailorable  site-specific  security  measures  or  system  admin¬ 
istration  procedures  can  be  executed  during  logon  and  logoff  by  command  files  established  by 
the  system/security  administrator.  Individual  accountability  is  obtained  through  its  ability 
to  audit  each  user’s  security  relevant  events. 

Compliance  with  the  object  reuse  requirement  is  accomplished  by  overwriting  physic2d  mem¬ 
ory  before  it  is  allocated  to  another  user.  Disk  blocks  are  overwritten  upon  deletion  of  a  file 
or  optionally  overwritten  when  a  file  is  allocated. 
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3b 

OPERATING  SYSTEM  EPL  ENTRIES 


Serial  No. 


CSC-EPL-85/001 


EVALUATED  PRODUCT:  Secure  Communications  Processor  (SCOMP) 

VENDOR:  HONEYWELL  Information  Systems,  Inc. 

VERSIONS:  STOP  Release  2.1 

DATE:  24  December  1984 

OVERALL  EVALUATION  CLASS:  Al 


PRODUCT  DESCRIPTION: 

The  SCOMP  hardware  consists  of  a  standard  HONEYWELL  Level  6/DPS  6  16  bit  mini¬ 
computer  with  a  modified  CPU,  to  which  a  Security  Protection  Module  (SPM)  has  been 
added.  The  SPM  provides  segmentation,  paging,  protection  rings  similar  to  the  HONEY¬ 
WELL  Level  68  Multics,  with  argument  validation,  and  virtual  address  translation.  The 
virtual  environment  includes  virtual  I/O  as  well  as  virtual  memory. 

The  primary  software  security  mechanism  of  the  SCOMP  system  is  the  security  kernel,  based 
on  the  Center-approved  Rell-LaPadula  model  of  the  software  portion  of  the  reference  monitor 
implementation.  As  such,  it  controls  access  to  objects  in  accordance  with  its  embedded 
security  policy.  The  security  kernel  supports  both  mandatory  and  discretionary  controls, 
and  provides  a  strong  foundaticon  on  which  to  build  secure  applications  programs. 

The  Trusted  Software  (a  set  of  security-relevant,  non-kernel  code)  provides  a  basic  terminal- 
oriented  operating  system  interface  that  runs  on,  and  derives  its  security  from,  the  security 
kernel  and  the  SCOMP  system  architecture.  Trusted  user  services  provide  the  interface  to 
the  SCOMP  system  for  the  user,  trusted  operations  services  provide  the  system  operator 
with  the  capabilities  necessary  to  run  the  system,  and  trusted  maintenance  services  allow 
the  system  administrator  to  build  and  maintain  the  SCOMP  system. 

SCOMP  software  is  supported  by  Honeywell  Federal  Systems  Division  in  McLean,  VA,  and 
the  hardware  is  supported  by  Honeywell  Custom  and  Special  Products  Operation  in  Billerica, 
MA. 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  the  Security  Communications  Processor  (SCOMP)  run¬ 
ning  STOP  release  2.1  has  been  evaluated  by  the  Department  of  Defense  Computer  Security 
Center  (DoDCSC)  against  the  requirements  specified  by  the  DoD  Trusted  Computer  System 
Evaluation  Criteria  (the  Criteria),  dated  15  August  1983. 
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The  DoDCSC  has  determined  that  the  SCOMP  satisfies  all  the  requirements  of  the  Criteria  at 
class  Al.  In  particular,  the  system  was  deemed  to  be  especially  strong  in  areas  such  as  trusted 
software  verification,  mandatory  access  control,  trusted  path,  and  system  architecture. 


Trusted  Computer  System  Evaluation  Summary  Chart 


j  I  I  \  I 

Security  Policy  Accountability  Assurance  Documentation 


n  Does  Not  Satisfy  the  Requirement  For  This  Class 


m  No  Requirements  For  This  Class 


Wi  No  Additional  Requirements  For  This  Class 


Meets  or  Exceeds  the  Requirements  For  This  Class 


Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

Honeywell  Information  Systems,  Inc. 

Secure  Communications  Processor  (SCOMP) 
STOP  Release  2.1 


Evaluation  Date:  24  December  1984 


The  SCOMP  system  is  composed  of  special  purpose  hardware,  (SPM),  a  software  security 
kernel,  and  trusted  software.  This  rating  applies  to  the  STOP  Release  2.1  software  (kernel 
and  trusted)  and  its  special  purpose  hardware  (hardware  base  marketing  identifier  CPU9101). 

For  a  complete  description  of  how  SCOMP  satisfies  each  requirement  of  the  Criteria,  see 
Final  Evaluation  Report,  Secure  Communications  Processor  (SCOMP),  STOP  Release  2.1 
(Report  No.  CSC-EPL-85/001). 
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Serial  No. 


CSC-EPL-85/003 


EVALUATED  PRODUCT:  Multics 

VENDOR:  Honeywell  Information  Systems  (HIS) 

VERSIONS:  MRll.O 

DATE:  1  September  1985 

OVERALL  EVALUATION  CLASS:  B2 


PRODUCT  DESCRIPTION: 

The  Honeywell  Multics  system  consists  of  the  Multics  operating  system  running  on  Honeywell 
Level  68  and  DPS-8M  mainframes.  These  systems  include  Multics-specific  hardware  to 
support  the  Multics  system  architecture  and  protection  mechanisms.  A  large  Multics  system 
may  be  configured  with  several  processors  and  can  support  several  hundred  users.  Multics 
can  be  used  in  a  wide  variety  of  environments. 

The  Multics  operating  system  is  a  general-purpose  time-sharing  system  with  strong  security 
features.  Multics  has  three  basic  security  mechanisms.  The  hardware-supported  protection 
rings  and  segmentation  provide  tightly  controlled  separate  domains  of  execution.  The  Access 
Isolation  Mechanism  (AIM)  software  provides  mandatory  access  control.  The  Access  Control 
Lists  (ACLs)  provide  discretionary  access  control. 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  Multics  MRll.O  has  been  evaluated  by  the  National 
Computer  Security  Center  (NCSC).  The  security  features  of  Multics  were  tested  against  the 
requirements  specified  by  the  Department  of  Defense  Trusted  Computer  System  Evaluation 
Criteria  (the  Criteria),  date  15  August  1983. 

The  NCSC  evaluation  team  hcis  determined  that  the  highest  class  at  which  Multics  MRll.O 
satisfies  all  the  specified  requirements  of  the  Criteria  is  class  B2. 
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Trusted  Computer  System  Evaluation  Summary  Chart 


Security  Policy  Accountability  Assurance  Documentation 


□  Does  Not  Satisfy  the  Requirement  For  This  Class 


m  No  Requirements  For  This  Class 

No  Additional  Requirements  For  This  Class 
1^1  Meets  or  Exceeds  the  Requirements  For  This  Class 


Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

Honeywell  Information  Systems,  Inc. 
MULTICSMR11.0 


Evaluation  Date;  1  September  1985 


The  rating  given  to  the  evaluated  system  (viz.,  B2)  is  the  highest  level  Of  the  Criteria  at  which 
the  system  satisfies  all  the  specified  requirements.  For  a  complete  description  of  how  Multics 
MRll.O  satisfies  each  requirement  of  the  Criteria,  see  Final  Evaluation  Report,  Honeywell 
Information  Systems  Multics  MRll.O  (Report  No.  CSC-EPL-85/003). 
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Serial  No. 


CSC-EPL-86/003 


EVALUATED  PRODUCT:  Network  Operating  System  (NOS) 

VENDOR:  Control  Data  Corporation  (CDC) 

VERSIONS:  NOS  Security  Evaluation  Package 

DATE:  28  May  1986 

OVERALL  EVALUATION  CLASS:  C2 


PRODUCT  DESCRIPTION: 

The  CDC  NOS  Security  Evaluation  Package  consists  of  NOS  version  2.4.1,  TMS4,  and  the 
audit  reduction  tool  running  in  secured  mode  on  the  CDC  Cyber  170/800  series  or  Cyber 
180/800  series  machines.  The  evaluated  system  configuration  includes  only  the  following 
subsystems: 

Network  Access  Method  (NAM) 

Batch  I/O  (BIO) 

Interactive  Access  Facility  (lAF) 

Magnet  (MAG) 

Remote  Batch  Facility  (RBF) 

Tape  Management  System  (TMS) 


NOS  is  a  large  general-purpose  time-sharing  system  capable  of  supporting  several  hundreds 
of  users.  NOS  can  be  used  in  a  wide  variety  of  applications.  The  system’s  protection 
mechanisms  provide  a  fine-grained  discretionary  access  control  over  all  files  on  the  system. 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  NOS  Security  Evaluation  Package  has  been  evaluated  by 
the  National  Computer  Security  Center  (NCSC).  The  security  features  of  NOS  were  tested 
against  the  requirements  specified  by  the  Department  of  Defense  Trusted  Computer  System 
Evaluation  Criteria  (the  Criteria),  dated  15  August  1983. 

The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  the  NOS  security 
package  satisfies  all  specified  requirements  of  the  Criteria  is  class  C2. 

Additionally,  NOS  provides  some  mandatory  access  controls  that,  while  not  sufficient  to 
satisfy  the  Criteria’s  B1  mandatory  access  control  and  labeling  requirements,  do  provide  some 
of  the  mechanisms  needed  when  handling  classified  or  non-classified  but  sensitive  information. 
A  class  B1  rating  is  achievable,  but  would  require  several  changes  to  the  existing  mechanisms. 
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The  NCSC  team  has  also  noted  some  additional  strengths  of  NOS  above  what  is  required 
for  a  class  C2  system.  These  include  well-developed  and  maintained  testing  procedures 
and  resource  controls  that  are  effective  against  denial  of  service  attacks  through  resource 
exhaustion. 
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□  Does  Not  Satisfy  the  Requirement  For  This  Class 
No  Requirements  For  This  Class 
No  Additional  Requirements  For  This  Class 

Meets  or  Exceeds  the  Requirements  For  This  Class 

Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

Control  Data  Corporation 
NOS  Security  Evaiuation  Package 


Evaluation  Dale:  28  May  1986 


The  figure  above  indicates  the  requirements  and  corresponding  level  that  the  NOS  Security 
Evaluation  Package  satisfies. 

The  rating  given  to  the  evaluated  system  (viz.,  C2)  is  the  highest  level  of  the  criteria  at 
which  the  system  satisfies  all  the  specified  requirements.  For  a  complete  description  of  how 
the  NOS  Security  Evaluation  Package  satisfies  each  requirement  of  the  Criteria,  see  Final 
Evaluation  Report,  Control  Data  Corporation  NOS  Security  Evaluation  Package  (Report  No. 
CSC-EPL-86/003). 


Serial  No. 


CSC-EPL-86/007 


EVALUATED  PRODUCT:  UTX/32S 

VENDOR:  Gould,  Inc.,  Computer  Systems  Division 

VERSIONS:  Release  1.0 

DATE:  December  1986 

OVERALL  EVALUATION  CLASS:  C2 


PRODUCT  DESCRIPTION: 

The  UTX/32S  system  consists  of  the  UTX/32S  operating  system  running  on  a  Gould  Pow- 
erNode  6000  or  9000  series  minicomputer.  The  UTX/32S  operating  system  is  based  on 
Berkely  4.2  BSD  and  AT&T  System  V.  UTX/32S  is  a  general-purpose,  time-sharing  system 
capable  of  supporting  up  to  128  users.  UTX/32S  preserves  the  strengths  of  the  UNIX  op¬ 
erating  system  and  eliminates  many  of  the  security  weaknesses,  while  maintaining  almost 
complete  command  and  system  library  compatibility. 

UTX/32S  implements  an  additional  integrity  mechanism,  called  the  Restricted  Environment, 
to  provide  isolation  between  privileged  (trusted)  and  unprivileged  domains.  Unprivileged 
users  operate  in  the  restricted  environment.  This  restricted  environment,  which  is  a  subtree 
of  the  file  system,  is  a  virtual  UNIX  system  containing  all  common  untrusted  programs 
and  files.  TCB  files  and  privileged  programs  are  kept  outside  this  environment  and  thus 
are  protected  from  modification  by  untrusted  users.  Trusted  servers  perform  the  sensitive 
services,  including  system  mail,  printing,  and  device  allocation.  Only  system  administrators 
may  access  the  trusted  domain. 

To  further  enhance  security,  UTX/32S  eliminates  some  of  the  weaknesses  inherent  in  UNIX, 
including  the  ’’setuid”  feature  on  files.  Discretionary  access  control  is  provided  by  the  stan¬ 
dard  UNIX  protection-bit  mechanism.  In  addition,  UTX/32S  provides  a  stronger  I/O  device 
control  protection  mechanism. 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  UTX/32S  has  been  evaluated  by  the  National  Com¬ 
puter  Security  Center  (NCSC).  The  security  features  of  UTX/32S  were  tested  against  the 
requirements  specified  by  the  Department  of  Defense  Trusted  Computer  System  Evaluation 
Criteria  (the  Criteria),  dated  December  1985. 
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The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  UTX/32S  satisfies 
all  the  specified  requirements  of  the  Criteria  is  class  C2. 


The  NCSC  team  has  also  noted  some  additional  strengths  of  UTX/32S  above  what  is  required 
for  a  class  C2  system.  These  include  well- developed  and  maintained  testing  and  configuration 
management  procedures. 


Trusted  Computer  System  Evaluation  Summary  Chart 
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Security  Policy  Accountability  Assurance  Documentation 


Does  Not  Satisfy  the  Requirement  For  This  Class 
No  Requirements  For  This  Class 
No  Additional  Requirements  For  This  Class 


•j  Meets  or  Exceeds  the  Requirements  For  This  Class 

Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  Infer  any  assurance  above  this  level. 


System  Name: 

Gould  Inc.,  Computer  Systems  DIv. 

UTX/32S 

Release  1.0 


Evaluation  Date:  31  December  1986 


The  figure  above  indicates  the  requirements  and  corresponding  level  that  UTX/32S  satisfies. 

The  rating  given  to  the  evaluated  system  (viz.,  C2)  is  the  highest  level  of  the  criteria  at 
which  the  system  satisfies  all  the  specified  requirements.  For  a  complete  description  of  how 
UTX/32S  satisfies  each  requirement  of  the  Criteria,  see  Final  Evaluation  Report,  Gould, 
Inc.,  Computer  Systems  Division,  UTX/32S,  Release  1.0  {Report  No.  CSC-EPL-86/007) 
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Serial  No. 


CSC-EPL-87/003 


EVALUATED  PRODUCT: 

VENDOR: 

VERSIONS: 

DATE: 

OVERALL  EVALUATION  CLASS: 


A  Series  MCP / AS  with  InfoGuard 
Security  Enhancements 

UNISYS  Corporation 

Release  3.7 

5  August  1987 

C2 


PRODUCT  DESCRIPTION: 

A  Series  is  the  current  family  of  fully  compatible  computers  produced  by  UNISYS  Cor¬ 
poration.  Members  of  the  product  line  range  in  size  from  several-user  minicomputers  to 
mainframes  supporting  hundreds  of  users.  The  product  line  currently  includes  21  mod¬ 
els  of  processors  that  offer  more  than  a  270-fold  performance  range.  The  A  Series  system 
architecture  is  based  on  a  high-order  language,  specifically  ALGOL.  The  A  Series  system  sup¬ 
ports  reentrant /recursive  multiprocessing,  multiprogramming  and  virtual  memory  through 
its  tagged  memory  and  stack  architecture. 

Software  for  A  Series  includes  the  Master  Control  Program/ Advanced  System  (MCP /AS), 
InfoGuard  security  enhancements,  a  broad  range  of  high-order  language  compilers,  COMS 
(data  communication  interface  and  transaction  processing  controller),  CANDE  (user/programmer 
timesharing  interface),  DMSIT  (data  management),  and  a  full  complement  of  utilities.  The 
A  Series  Trusted  Computing  Base  (TCB)  is  composed  of  MCP/AS,  InfoGuard  security 
enhancements,  the  compilers,  COMS,  CANDE  and  many  system  utilities.  TCB  software 
provides  privilege  and  protection  mechanisms  to  mediate  and  monitor  access  to  system  and 
user  resources. 

All  processors  in  the  A  Series  product  line  provide  a  single  state  for  execution.  Therefore,  the 
A  Series  system  software  is  responsible  for  providing  a  self-protecting  domain  for  the  A  Series 
TCB.  Although  in  many  systems,  isolation  of  the  TCB  from  user  processes  is  provided  by 
running  the  TCB  in  a  completely  separate  (and'  privileged)  hardware  protection  state,  this 
is  not  true  of  A  Series.  Instead,  a  combination  of  capability-like  hardware  mechanisms  and 
TCB  software  (including  the  compilers)  is  used  to  provide  the  necessary  isolation.  Because 
programs  compiled  by  unprivileged  users  have  no  direct  access  to  the  machine  instruction  set 
or  to  the  hardware  enforcement  mechanisms,  the  A  Series  TCB  is  able  to  isolate  itself  and 
other  user  processes  from  any  attempted  security  violations.  These  capability-like  hardware 
mechanisms  are  the  tag  architecture,  the  base  and  limit  of  stack  registers,  and  the  display 
registers. 
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EVALUATION  SUMMARY: 


The  security  protection  provided  by  the  A  Series  Release  3.7  has  been  evaluated  by  the 
National  Computer  Security  Center  (NCSC)  against  the  requirements  specified  by  the  De¬ 
partment  of  Defense  Trusted  Computer  System  Evaluation  Criteria  (the  Criteria),  dated 
December  1985. 


The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  the  A  Series 
Release  3.7  satisfies  all  the  specified  requirements  of  the  Criteria  is  class  C2. 


Trusted  Computer  System  Evaluation  Summary  Chart 
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I  I  Does  Not  Satisfy  the  Requirement  For  This  Ciass 
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Credit  given  above  the  overall  rating  recongnizes 
mechanisms  Implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

Unisys  Corporation 
A  Series  MCP/AS  with  Infogaurd 
Release  1 .0 


Evaluation  Date:  31  December  1986 


The  figure  above  indicates  the  requirements  and  corresponding  level  that  the  A  Series  Release 
3.7  with  InfoGuard  security  enhancements  satisfies. 

The  rating  given  to  the  evaluated  system  (viz.,  C2)  is  the  highest  level  of  the  Criteria  at 
which  the  system  satisfies  all  the  specified  requirements.  For  a  complete  description  of  how 
the  A  Series  satisfies  each  requirement  of  the  Criteria,  see  Final  Evaluation  Report,  UNISYS 
Corporation  A  Series  MCP/AS  (Report  No.  CSC-EPL-87/003). 
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Serial  No. 


CSC-EPL-87/007 


EVALUATED  PRODUCT:  acf2/VM  with  IBM’s  VM/SP  or  VM/SP 

HPO,  VM  Batch  Subsystem,  and 
Directory  Maintenance  Program 
Product 

Computer  Associates  International 
(formerly  Uccel  Corporation, 
formerly  SKK,  Inc.) 

Release  3.1  of  acf2/VM;  release  4.0  VM/SP, 
Program  Update  Tape  (PUT)  8704  OR 
release  4.2  VM/SP  HPO,  PUT  8704; 
release  1,  modification  5  of 
VM  Batch  Subsystem;  release  2.0, 

Directory  Maintenance  Program  Product 

DATE:  September  1987 

OVERALL  EVALUATION  CLASS:  C2 


PRODUCT  DESCRIPTION: 

acf2/VM  is  an  add-on  security  subsystem  designed  for  IBM’s  VM  operating  system  running 
on  any  IBM  370-type  processor.  It  is  designed  to  provide  both  user-specified  and  default 
protection  for  system  access,  minidisks,  tape  volumes,  attachable  DASD  devices,  CP  com¬ 
mands  and  DIAGNOSE  instructions,  and  interprocess  communications,  including  lUCV  and 
VMCF.  In  addition,  system  administrators’  abilities  may  be  restricted  by  use  of  the  acf2/VM 
SCOPE  facility.  Both  the  acf2/VM  product  and  underlying  VM  operating  system  are  being 
included  in  the  evaluation. 

acf2/VM  is  designed  to  provide  a  phased  approach  to  implementation.  Under  QUIET  mode, 
acf2/VM  allows  data  access  validation  to  be  disabled,  but  checks  logon  validation.  Under 
LOG  mode,  acf2/VM  allows  accesses  but  journals  accesses  that  would  have  been  denied  if  it 
were  in  ABORT  mode.  Under  WARN  mode,  acf2/VM  issues  warning  messages  in  addition  to 
journaling  accesses  that  would  have  been  denied.  Under  ABORT  mode,  the  normal  operating 
mode,  acf2/VM  journals  and  denies  all  unauthorized  accesses.  Under  RULE  mode,  any  of 
the  previously  mentioned  modes  can  be  implemented  to  a  finer  granularity,  so  that  critical 
data  can  be  protected  first.  Only  the  ABORT  mode  and  the  RULE  mode  with  ABORT 
defaults  of  acf2/VM  have  been  evaluated  for  the  C2  rating. 


VENDOR: 


VERSIONS: 
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Because  of  the  importance  of  extended  security  in  the  large  mainframe  computer  installa¬ 
tion,  acf2/VM  has  a  wide  range  of  interface  capabilities.  acf2/VM  can  be  interfaced  with 
other  independently  supplied  software  products  which  do  not  affect  the  trusted  computing 
base,  such  as  IBM’s  Remote  Spooling  Communications  Subsystem  (RSCS)  and  File  Storage 
Facility  (FSF).  Interfaces  tested  during  the  evaluation  are  the  VM  Batch  Subsystem  and 
Directory  Maintenance  Program  Product  (DIRMAINT). 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  Computer  Associates’  Access  Control  Facility  2/Virtual 
Machine  (acf2/VM)  add-on  package  release  3.1  running  with  IBM’s  Virtual  Machine/System 
Product  (VM^P)  Release  4.0  or  IBM’s  Virtual  Machine/System  Product  High  Performance 
Option  (VM/SP  HPO)  Release  4.2  operating  system  has  been  examined  by  the  National 
Computer  Security  Center  (NCSC).  The  security  features  of  acf2/VM  were  examined  against 
the  requirements  specified  by  the  Department  of  Defense  Trusted  Computer  System  Evalu¬ 
ation  Criteria  (the  Criteria),  dated  December  1985. 

The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  acf2/VM  could 
satisfy  all  the  specified  requirements  of  the  Criteria  is  class  C2.  acf2/VM,  using  the  specified 
hardware  and  software,  configured  and  operated  in  the  most  secure  configuration  as  described 
in  the  Trusted  Facility  Manual,  has  been  assigned  a  class  C2  rating.  Note  that  this  evaluation 
does  not  include  the  operating  systems  on  the  individual  user  virtual  machines  or  objects 
protected  by  those  operating  systems. 

The  NCSC  team  has  also  noted  that  acf2/VM  provides  some  features  and  assurances  beyond 
those  required  for  a  class  C2  system.  These  include  configuration  management  procedures, 
and  a  finer  granularity  of  control  for  discretionary  access  control. 

The  figure  on  the  next  page  indicates  the  requirements  and  corresponding  level  that  acf2/VM 
satisfies. 
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Trusted  Computer  System  Evaluation  Summary  Chart 


Security  Policy  Accountability  Assurance  Documentation 


□  Does  Not  Satisfy  the  Requirement  For  This  Class 
§§  No  Requirements  For  This  Class 

No  Additional  Requirements  For  This  Class 

11  Meets  or  Exceeds  the  Requirements  For  This  Class 

Credit  given  above  the  overall  rating  recongnizes 
mechanisms  Implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

Computer  Associates  International 
afc2/VM  Release  3.1 


Evaluation  Date:  11  September  1987 


A  system  that  has  been  rated  as  being  a  C2  system  provides  a  Trusted  Computing  Base 
(TCB)  that  enforces  a  finely  grained  discretionary  access  control  mechanism  and  ensures 
that  individual  users  are  accountable  for  their  actions  through  login  and  auditing  procedures. 
For  a  complete  description  of  how  acf2/VM  satisfies  each  requirement  of  the  Criteria,  see 
Final  Evaluation  Report,  Computer  Associates  International  acf2/VM  (Report  No.  CSC- 
EPL-87/007). 
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Serial  No. 


CSC-EPL-88/003 


EVALUATED  PRODUCT: 


VENDOR: 


Multiple  Virtual  Storage/System  Product  (MVS/SP) 
Job  Entry  Subsystem  2  (JES2) 

Data  Facility  Product  (DFP) 

Resource  Access  Control  Facility  (RACE) 

Time  Sharing  Option  /  Extensions  (TSO/E) 
Advanced  Communications  Function  /  Virtual 
Telecommunications  Access  Method  (ACF/VTAM) 
System  370  Extended  Architecture  (370-XA) 
(collectively  referred  to  as  MVS/XA  with  RACE) 

International  Business  Machines  Corporation 


VERSION  EVALUATED:  MVS/SP  JES2  Version  2  Release  2 

MVS/XA  DFP  Version  2  Release  3 
RACF  Version  1  Release  8 
TSO/E  Version  1  Release  4  for  XA 
ACF/VTAM  Version  3  Release  1.1  for  XA 

DATE:  15  June  1988 

OVERALL  EVALUATION  CLASS:  C2 


PRODUCT  DESCRIPTION: 

MVS/XA  is  IBM’s  operating  system  for  its  computers  that  offer  the  System  370  Extended 
Architecture  (370-XA).  The  system  provides  generalized  facilities  that  support  a  wide  variety 
of  usages  including  concurrent  execution  of  multi-user  time-sharing,  batch,  and  real-time 
applications. 

RACF  is  IBM’s  strategic  facility  for  providing  security  services  and  support  to  MVS/XA. 
RACF  provides  numerous  functions  and  features  that  greatly  enhance  an  installation’s  con¬ 
trol  over  its  resources.  RACF’s  flexibility  and  functionality  supply  a  common  base  for  security 
within  many  IBM  products.  MVS/XA  with  RACF  make  available  privilege  and  protection 
mechanisms  to  limit  user  access  to  system-controlled  structures  in  physical  storage,  system- 
structured  volumes  and  files,  and  certain  devices. 

The  evaluated  software  encompasses  all  other  products  listed  above  supplying  MVS/XA 
with  a  wide  functionality.  Furthermore,  several  MVS/XA  systems  may  be  operated  together 
within  an  MVS/XA  JES2  complex  while  retaining  the  overall  rating. 
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The  370-XA  architecture  specifies  several  protection  mechanisms.  In  general,  user  programs 
execute  in  the  problem  state  while  the  system  programs  in  the  supervisor  state.  User  separa¬ 
tion  is  achieved  with  an  extensive  memory  and  address  space  management.  System  programs 
are  further  isolated  by  means  of  protection  keys. 


The  evaluated  software  is  supported  by  IBM  processors  supporting  370-XA.  This  product 
line  ranges  from  mid-range  4381  computers  to  3090  mainframes  with  six  central  processors 
and  six  vector  facilities.  In  addition,  four  models  of  the  3090  computers  may  be  operated  in 
certain  partitioned  configurations  while  maintaining  the  security  of  each  system  and,  hence, 
the  awarded  rating.  _ _ 
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□  Does  Not  Satisfy  the  Requirement  For  This  Class 


No  Requirements  For  This  Class 


No  Additional  Requirements  For  This  Class 

[3  Meets  or  Exceeds  the  Requirements  For  This  Class 

Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

International  Business  Machines  Corporation 
MVS/XA  with  RACE,  Version  1 .8 


Evaluation  Date;  15  June  1968 
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EVALUATION  SUMMARY: 

The  security  protection  provided  by  MVS/XA  with  RACE  has  been  evaluated  by  the  Na¬ 
tional  Computer  Security  Center  (NCSC)  against  the  requirements  specified  by  the  Depart¬ 
ment  of  Defense  Trusted  Computer  System  Evaluation  Criteria  [DOD  5200.28-STD]  dated 
December  1985. 

The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  MVS/XA  with 
RACE  satisfies  all  the  specified  requirements  of  the  Criteria  is  class  C2. 

The  figure  on  the  previous  page  indicates  the  requirements  and  corresponding  level  that 
MVS/XA  with  RACE  satisfies. 

The  rating  given  to  the  evaluated  system  (viz.,  C2)  is  the  highest  level  of  the  Criteria  at 
which  the  system  satisfies  all  the  specified  requirements.  Eor  a  complete  description  of  how 
MVS/XA  with  RACE  satisfies  each  requirement  of  the  Criteria,  see  Final  Evaluation  Report, 
International  Business  Machines  Corporation  MVS/XA  with  RA  CF  (Report  No.  CSC-EPL- 
88/003).  In  addition,  the  Report  should  also  be  consulted  for  the  complete  lists  of  evaluated 
hardware  and  software  components  as  well  as  all  the  necessary  PUT  levels,  PTE  numbers, 
and  APAR  numbers. 
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Serial  No. 


CSC-EPL-88/009 


EVALUATED  PRODUCT: 
VENDOR: 

VERSION: 

DATE: 

OVERALL  EVALUATION  CLASS: 


PRODUCT  DESCRIPTION: 

The  C2  Primos,  revision  21.0.1DODC2A,  is  identified  as  product  number  850300  and  can 
be  acquired  directly  from  Prime  Computer  Corporation.  This  product  includes  the  Primos 
operating  system  and  the  auditing  facility. 

Primos  is  a  general  purpose,  multiprocessing  operating  system  running  on  Prime’s  50  series 
hardware.  The  50  series  hardware  is  a  completely  upward  and  downward  compatible  line  of 
processors  offering  advanced  architectural  features  such  as  virtual  memory,  process  exchange, 
dynamic  linking,  and  hardware  memory  protection.  Primos  is  structured  to  take  advantage 
of  these  architectural  features.  For  example,  it  supports  multiple  concurrent  processes  each 
running  in  its  own  private  virtual  address  space,  controlled  procedure  sharing,  and  dynamic 
linking. 

Support  software  for  Primos  includes  an  auditing  facility,  a  broad  range  of  high-order  lan¬ 
guage  compilers,  editors,  data  base  products,  CAD/CAM  products,  and  other  system  sup¬ 
port  utilities.  The  auditing  facility  is  made  up  of  four  components:  an  audit  collection 
facility,  an  audit  reporting  facility,  an  audit  file  backup  facility,  and  a  crash  audit  recovery 
facility. 

EVALUATION  SUMMARY: 

Prime’s  Primos  operating  system  revision  21.0.1DODC2A  has  been  evaluated  by  the  National 
Computer  Security  Center  (NCSC)  against  the  requirements  specified  in  the  Department  of 
Defense  Trusted  Computer  System  Evaluation  Criteria,  DOD  5200.28-STD.  The  NCSC  has 
determined  that  Primos  21.0.1DODC2A  satisfies  all  of  the  requirements  of  the  Criteria  class 
C2. 


Primos 

Prime  Computer,  Inc. 

Primos  Revision  21.0.1DODC2A 
24  June  1988 
C2 
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Trusted  Computer  System  Evaluation  Summary  Chart 


Security  Policy  Accountability  Assurance  Documentation 


□ 


Does  Not  Satisfy  the  Requirement  For  This  Class 
No  Requirements  For  This  Class 
No  Additional  Requirements  For  This  Class 
Meets  or  Exceeds  the  Requirements  For  This  Class 


Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

Prime  Computer,  Inc. 
PRIMOS 

Revision  2.1. 0.1  DODC2A 


Evaluation  Date:  24  June  1988 


For  a  complete  description  of  how  Primos  satisfies  each  Criteria  requirement,  see  Final 
Evaluation  Report,  Prime  Computer  Corporation,  Primos  revision  21.0.1DODC2A  (Report 
No.  CSC-EPL-88/009). 
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Serial  No. 


CSC-EPL-88/010 


EVALUATED  PRODUCT:  MPE  V/E,  Release  G.03.04 

VENDOR:  Hewlett  Packard  Computer  Systems  Divison 

DATE:  5  October  1988 

OVERALL  EVALUATION  CLASS:  C2 


PRODUCT  DESCRIPTION: 

The  Multiprogramming  Executive  (MPE)  operating  system  is  a  disc-based  software  sys¬ 
tem  that  supervises  all  processing  and  maintains  all  user  interfaces  with  various  versions 
of  the  HP  3000  computer  system.  MPE  provides  a  single  operating  environment  across  a 
broad  compatible  family  of  systems,  provides  superior  response  in  I/O-intensive  transaction 
processing  environments,  and  is  easy  to  use. 

MPE  is  designed  so  that  user  capabilities,  the  account  structure,  and  system  security  mea¬ 
sures  are  intertwined.  Additional  structures  provided  by  MPE  include  groups,  which  are 
collections  of  files,  and  accounts,  which  are  collections  of  users  and  groups.  Passwords  are 
assigned  for  users,  and  can  also  be  assigned  for  groups  and  accounts,  but  the  system  can 
be  operated  securely  without  the  use  of  group  and  account  passwords.  Once  logged  onto  a 
system,  users  are  restricted  in  what  they  can  do  via  capability  sets,  which  can  be  defined 
at  the  user,  group,  and  account  level.  These  capability  sets  may  restrict  users  from  such 
activities  as  saving  files  or  logging  on  interactively. 

File  protection  is  provided  by  Access  Control  Definitions  (ACDs).  Access  Control  Definitions 
provide  discretionary  access  control  to  individual  objects  (files  and  devices)  in  terms  of  users 
and  modes  of  access. 

MPE  provides  a  system  logging  facility  that  can  track  selected  system  events,  such  as  job 
and  session  initiation  and  termination,  ACD  changes,  and  process  creation.  The  capability 
to  audit  the  actions  of  one  or  more  users  based  on  individual  identity  is  provided.  An  audit 
reduction  tool  is  provided  for  generating  reports  from  the  system  log. 

HP  Security  Monitor  is  a  fully  integrated  system  security  program  that  allows  system  ad¬ 
ministrators  to  protect  both  system  resources  and  sensitive  data  from  unauthorized  access. 
Building  on  the  strong  security  of  the  MPE  operating  system,  it  allows  improved  password 
protection  via  encryption,  password  aging,  and  length  requirements,  stronger  audit  trails  via 
increased  logging  options,  and  tighter  access  security  as  a  result  of  limiting  log-on  attempts, 
requiring  terminal  passwords  and  terminating  idle  sessions.  It  also  provides  batch  security 
features.  All  features  are  optional  and  individually  enabled. 
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EVALUATION  SUMMARY: 


The  security  protection  provided  by  MPE  V/E,  Release  G. 03.04  has  been  evaluated  by 
the  National  Computer  Security  Center  (NCSC).  The  security  features  of  MPE  V/E  were 
tested  against  the  requirements  specified  by  the  Department  of  Defense  Trusted  Computer 
System  Evaluation  Criteria,  dated  26  December  1985.  The  evaluated  hardware  set  includes 
the  following  system  processing  units:  MICRO  3000,  MICRO  3000XE,  Series  42,  Series 
42XP/52,  Series  48,  Series  58,  or  Series  6x/70. 


Trusted  Computer  System  Evaluation  Summary  Chart 


Security  Policy  Accountability  Assurance  Documentation 


□ 

■ 

■ 

Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


Does  Not  Satisfy  the  Requirement  For  This  Class 
No  Requirements  For  This  Class 
No  Additional  Requirements  For  This  Class 
Meets  or  Exceeds  the  Requirements  For  This  Class 


System  Name: 

Hewlett  Packard  Computer  Systems 
MPE  V/E  Release  G.03.04 
With  patch  AV92 


Evaluation  Date:  4  October  1988 


The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  MPE  V /E  Release 
G.03.04  satisfies  all  specified  requirements  of  the  Criteria  is  class  C2,  Controlled  Access  Pro¬ 
tection.  In  addition,  MPE  V/E  satisfies  the  class  B1  requirements  for  System  Architecture, 
and  the  class  B3  requirements  for  Discretionary  Access  Control.  For  a  complete  description 
of  how  MPE  V/E  satisfies  each  requirement  of  the  Criteria,  see  Final  Evaluation  Report, 
Hewlett  Packard  Computer  Systems  Division,  MPE  V/E  (Report  No.  CSC-EPL-88/010). 
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Serial  No. 


CSC-EPL-89/001 


EVALUATED  PRODUCT: 

VENDOR: 

VERSIONS: 


DATE: 

OVERALL  EVALUATION  CLASS: 


AOS/VS  revision  7.60  running  on  a 
MV/ECLIPSE  series  processors. 

Data  General  Corporation 

AOS/ VS  revision  7.60  The  evaluated 
MV/ECLIPSE  series  processors  include: 
MV/4000,  MV/6000,  MV/7800  (including 
model  DC,  U,  C,  DCX,  or  XP), 

MV/8000  (including  model  II  or  C), 

MV/ 10000  (including  model  SX), 
MV/15000  (including  model8,  10,  or  20), 
and  the  MV/20000. 

6  December  1988 

C2 


PRODUCT  DESCRIPTION: 

Data  General  Corporation’s  AOS/ VS  operating  system  revision  7.60  for  the  MV/ECLIPSE 
32-bit  virtual  memory-mini  computers  is  a  general  purpose  operating  system  which  provides 
both  batch  and  on-line  processing  in  a  multi-process,  multi-tasking  environment.  AOS/VS 
runs  on  the  entire  line  of  Data  General’s  MV/ECLIPSE  systems,  ranging  from  the  MV/2000 
to  the  MV/20000.  The  MV/20000  supports  AOS/ VS  dual  processor  instructions. 

Programs  and  data  are  contained  in  an  addressable  unit  of  variable  length  memory  named 
a  segment.  Segments  are  safeguarded  by  a  collection  of  protection  mechanisms  named  rings. 
Eight  concentric  rings  provide  security  for  the  segments  from  the  AOS/VS  operating  system 
kernel  (ring  0,  most  privileged)  to  the  top  segment  of  user  space  (ring  7,  least  privileged).  The 
MV/ECLIPSE  architecture  through  its  ring  design  provides  a  firmware  implemented  gate  at 
every  ring  boundary  which  automatically  checks  ring  crossing  calls  for  proper  authorizations. 

User  authentication  is  done  through  username  and  password  verification  and  an  optional 
password  encryption  mechanism  is  provided.  AOS/ VS  also  provides  an  extensive  system 
audit  trail  capability.  AOS/VS  maintains  an  access  control  list  for  each  directory  and  data 
file.  It  includes  the  users  who  can  and  cannot  access  files  as  well  as  the  privileges  which  allow 
the  accesses.  This  type  of  access  control  mechanism  provides  discretionary  access  control  of 
code  and  data  in  the  system. 
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The  audit  trail  captures  security  relevant  events  such  as  file  accesses,  failed  log-on  attempts, 
and  process  creations  and  terminations  to  monitor  attempted  breaches  of  system  security, 
AOS/VS  ensures  that  objects  allocated  to  a  process  do  not  contain  residual  data  left  from 
previous  process.  Object  reuse  applies  only  to  those  objects  with  a  storage  capability  in¬ 
cluding:  physical  pages,  physical  disk  blocks,  and  dynamic  storage  allocation. 


Trusted  Computer  System  Evaluation  Summary  Chart 


Security  Policy 


Accountability 


Assurance 


Documentation 


l~l  Does  Not  Satisfy  the  Requirement  For  This  Class 


No  Requirements  For  This  Class 
No  Additional  Requirements  For  This  Class 


Meets  or  Exceeds  the  Requirements  For  This  Class 

Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

Data  General  Corportation 

AOS/VS 

Revision  7.60 


Evaluation  Date:  6  December  1988 


EVALUATION  SUMMARY: 

The  security  protection  provided  by  Data  General  Corporations’  AOS/VS  computing  system 
has  been  examined  by  the  National  Computer  Security  Center  (NCSC).  The  Security  features 
were  examined  against  the  requirements  specified  by  the  Department  of  Defense  Trusted 
Computer  System  Evaluation  Criteria  (the  Criteria),  dated  December  1985. 

The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  the  evaluated 
computing  system  could  satisfy  all  the  specified  requirements  of  the  Criteria  is  class  C2.  The 
AOS/VS  revision  7.60  operating  system  using  the  specified  hardware  and  software,  configured 
and  operated  in  the  secure  configuration  as  described  in  the  Trusted  Facility  Manual,  has 
been  assigned  a  class  C2  rating. 
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The  NCSC  team  has  also  noted  that  the  computing  system  provides  some  features  and 
assurances  beyond  those  required  for  a  class  C2  system.  These  include  a  B1  evaluated 
system  architecture,  and  B3  evaluated  discretionary  access  control. 

The  figure  on  the  previous  page  indicates  the  requirements  and  corresponding  level  that  the 
evaluated  AOS/ VS  computing  system  satisfies. 

A  system  that  has  been  rated  as  being  a  C2  system  provides  a  Trusted  computing  Base 
(TCB)  that  enforces  a  discretionary  access  control  mechanism  that  ensures  that  individual 
users  are  accountable  for  their  actions  through  login  and  auditing  procedures.  For  a  complete 
description  of  how  the  evaluated  AOS/VS  computing  system  satisfies  each  requirement  of 
the  Criteria,  see  Final  Evaluation  Report,  Data  General  Corporation  AOS/VS  (Report  No. 
CSC-EPL-89/001). 
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Serial  No. 


CSC-EPL-89/003 


EVALUATED  PRODUCT:  System  V/MLS  version  1.1.2  running  with 

UNIX  System  V  Release  3.1.1  on  the  AT&T 
3B2/500  or  AT&T  3B2/600  minicomputers. 

VENDOR:  American  Telephone  and  Telegraph  Co.  (AT&T) 

EVALUATION  DATE:  7  September  1989 

OVERALL  EVALUATION  CLASS:  B1 


PRODUCT  DESCRIPTION: 

AT&T’s  System  V/MLS  Release  1.1.2  running  with  UNIX  System  V  Release  3.1.1  (here¬ 
after  referred  to  as  System  V /MLS)  is  a  multi-level  secure  version  of  UNIX  ^  System  V  for 
the  AT&T  3B2/500  and  AT&T  3B2/600  minicomputers.  System  V/MLS  is  a  multi-user, 
multi-tasking  operating  system  that  can  support  up  to  48  concurrent  users  on  a  3B2/500 
and  up  to  64  concurrent  users  on  a  3B2/600.  System  V/MLS  maintains  System  V  appli¬ 
cation  compatibility,  is  compatible  with  the  System  V  Interface  Definition  (SVID),  passes 
the  System  V  Verification  Suite  (SVVS),  and  is  source  and  binary  code  compatible  with 
existing  programs,  provided  those  programs  do  not  require  modifications  to  the  System/V 
MLS  Trusted  Computing  Base  (TCB)  or  violate  the  system  security  policy. 

In  addition  to  using  the  traditional  protection  mechanism  of  the  UNIX  operating  system  to 
provide  discretionary  access  control.  System  V/MLS  also  provides  mandatory  access  control 
to  limit  the  distribution  of  information  to  only  those  users  who  have  been  authorized  for  it. 
The  mandatory  security  policy  is  consistent  with  the  Bell-La  Padula  model  and  conforms 
with  DoD  policy.  System  V/MLS  provides  a  flexible  labeling  scheme  that  supports  up  to 
255  site  selectable  hierarchical  classification  levels  and  1024  nonhierarchical  categories. 

The  administrator  has  the  capability  to  restrict  users  and  login  ports  to  selectable  classifi¬ 
cation  ranges.  A  multi-level  mail  capability  allows  users  to  communicate  with  each  other  at 
classifications  defined  by  the  administrator.  System  V /MLS  enforces  a  security  policy  that 
prevents  both  the  unauthorized  declassification  of  information  and  unauthorized  modifica¬ 
tion  of  trusted  code.  The  mandatory  access  controls  are  implemented  in  a  manner  analogous 
to  the  traditional  UNIX  commands  for  discretionary  access  control.  Other  commands  have 
been  added  to  allow  users  to  create  discretionary  groups  on  the  system.  Users  can  change 
levels  without  having  to  logout.  A  random  password  generator  implements  the  algorithms 
recommended  in  the  DoD  Password  Management  Guideline,  CSC-STD-002-85. 


^UNIX  is  a  registered  trademark  of  AT&T 
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Audit  trail  records  are  generated  for  security-relevant  events  and  can  be  analyzed  by  an 
administrator  using  an  audit  trail  formatter.  A  trusted  path  is  provided  at  login  time  to 
ensure  that  users  are  communicating  with  the  TCB. 


Trusted  Computer  System  Evaluation  Summary  Chart 


Security  Policy  Accountability  Assurance  Documentation 


Does  Not  Satisfy  the  Requirement  For  This  Class 
No  Requirements  For  This  Class 
No  Additional  Requirements  For  This  Class 
Meets  or  Exceeds  the  Requirements  For  This  Class 


Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 
AT&T 

System  V/MLS 
Version  1.1.2 


Evaluation  Date:  7  September  1989 


The  630  Multi-Tasking  Graphics  intelligent  terminal  (630  MTG),  a  high-resolution,  multi¬ 
window  graphics  terminal,  can  be  used  with  System  V/MLS  to  provide  the  user  with  seven 
windows,  each  of  which  can  contain  information  at  a  different  security  label.  A  ’’cut  and 
paste”  capability  allows  the  user  to  simultaneously  edit  files  at  different  security  levels  within 
the  constraints  of  the  enforced  security  policy. 
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System  V/MLS  also  provides  some  features  beyond  those  required  for  a  class  B1  system. 
These  include  B2  trusted  path,  B2  subject  sensitivity  labels,  and  B2  device  labeling.  This 
product  has  also  entered  the  NCSC  Rating  Maintenance  Phase  (RAMP). 

EVALUATION  SUMMARY; 

The  security  protection  provided  by  System  V/MLS  has  been  evaluated  by  the  National 
Computer  Security  Center  (NCSC)  against  the  requirements  specified  by  the  Department  of 
Defense  Trusted  Computer  System  Evaluation  Criteria  [DOD  5200.28-STD]  (the  Criteria) 
dated  December  1985. 

The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  System  V/MLS 
satisfies  all  the  specified  requirements  of  the  Criteria  is  class  Bl. 

The  Trusted  Computer  System  Evaluation  Summary  Chart  indicates  the  requirements  and 
corresponding  level  that  System  V/MLS  satisfies.  For  a  complete  description  of  how  System 
V/MLS  saticfies  each  requirement  of  the  criteria,  see  Final  Evaluation  Report,  AT&T  System 
V/MLS  (report  No.  CSC-EPL-89/003) 
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Serial  No. 


CSC-EPL-89/004 


EVALUATED  PRODUCT:  Unisys  OS  1100  Security  Release  I 

VENDOR:  Unisys  Corporation 

EVALUATION  DATE:  27  September  1989 

OVERALL  EVALUATION  CLASS:  B1 


PRODUCT  DESCRIPTION: 

OS  1100  Security  Release  I  is  a  general  purpose,  multiprocessing  operating  system  running 
on  Unisys  1100/90,  Systemll,  and  2200/200  hardware.  These  models  share  a  common 
architecture  which  employs  a  multi-state  protection  mechanism  along  with  hardware  memory 
protection.  OS  1100  is  structured  to  take  advantage  of  these  architectural  features.  For 
example,  it  supports  multiple  processes  (activities),  each  running  with  a  private  virtual 
address  space  and  capable  of  sharing  protected  subsystems  (common  memory  banks). 

OS  1100  Security  Release  I  supports  batch,  time-sharing  (demand),  and  transaction  pro¬ 
cessing  (TIP)  modes.  The  trusted  computing  base  (TCB)  of  OS  1100  Security  Release  I 
consists  of  specific  releases  of  the  following  components:  Executive,  CMSllOO,  TELCON, 
COMUS,  FAS,  IRU,  UDS,  MOB,  PERCON,  SIMAN,  SSP,  TLABEL,  and  DPREPllOO. 
Communications  are  provided  by  Distributed  Communications  Processors  (DCP)  and  Inte¬ 
grated  Communication  Processors  (ICP)  operating  as  front  end  processors  under  control  to 
CMS  1100  and  TELCON.  The  OS  1100  Executive  is  the  base  component  and  a  prerequisite 
for  the  other  components.  The  TCB  enforces  a  mandatory  and  discretionary  security  pol¬ 
icy,  performs  user  identification  and  authentication,  clears  residue,  generates  audit  trail  and 
accounting  records,  and  provides  a  base  upon  which  to  build  secure  application  programs. 

OS  1100  Security  Release  I  provides  isolation  of  the  OS  1100  Executive  through  the  use  of 
hardware  protection  mechanisms.  Access  to  OS  1100  subsystems  (shared  memory  banks) 
is  protected  with  controlled  access  to  entry  points  (gates).  If  access  is  permitted-  to  the 
entry  point,  the  system  switches  the  security  attributes  of  the  process  (activity)  to  those 
specified  for  the  subsystem.  Activity  isolation  is  achieved  by  using  a  hardware  and  software 
architecture  which  includes  a  per-activity  virtual  address  space,  per-activity  stacks,  and 
architecturally  defined  activity  state  changes. 

OS  1100  Security  Release  I  provides  a  mandatory  access  control  policy  consistent  with  the 
Bell-LaPadula  model.  Mandatory  access  control  is  based  on  labeling  which  supports  up  to 
64  hierarchical  levels  and  30  categories.  An  administrator  can  attach  symbolic  names  to 
each  level  and  each  category.  Additionally,  each  category  may  be  securely  re-defined  by  an 
administrator.  OS  1100  requires  that  all  subjects  and  objects  have  a  mandatory  label  and 
ensures  that  all  accesses  to  objects  conform  to  the  security  policy. 
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Discretionary  access  control  provided  by  OS  1100  Security  Release  I  is  based  on  access  lists 
which,  may  be  private  (default),  public,  or  semi-private  (access  control  record  attached). 
Access  control  records  specify  by  whom,  when,  and  how  the  object  may  be  accessed.  OS 
1100  not  only  provides  discretionary  access  controls  available  for  individual  users.  Access 
may  be  controlled  at  a  group  level  as  well. 

OS  1100  Security  Release  I  provides  clearing  of  residue  (object  reuse)  in  registers,  main 
storage,  and  mass  storage. 

Identification  and  authentication  of  batch,  demand,  and  TIP  users  is  accomplished  by  pre¬ 
senting  a  userid  and  password  to  the  TCB’s  login  facility.  Identification  and  authentication 
information  is  stored  in  a  protected  database  in  the  OS  1100  file  system. 

OS  1100  Security  Release  I  provides  an  auditing  facility  to  ensure  user  accountability.  All 
security-relevant  events  are  always  audited,  not  just  auditable.  This  facility  includes  col¬ 
lection,  reduction,  backup,  and  audit  data  recovery  capabilities.  The  Log  Analyzer  (LA) 
provides  audit  reduction  capabilities  including  security  reports,  actions  of  individual  users, 
and  references  to  specific  objects  or  object  security  levels. 

OS  1100  also  provides  the  ability  to  restrict  user  privileges  to  those  required  to  perform  their 
duties.  All  users  (including  operators  and  administrators)  are  subject  to  this  mechanism. 
The  system  supports  a  Security  Administrator  role.  This  administrator  is  responsible  for 
the  overall  security  of  the  system.  Sub-  administrators  can  also  be  defined  to  the  system. 
System  operators  and  administrators  are  trusted  individuals  and  their  interactions  with  the 
system  are  audited. 

OS  1100  Security  Release  I  also  provides  some  features  beyond  those  required  for  a  class 
B1  system.  These  include  B2  trusted  path,  B3  DAC  for  groups,  and  B2  trusted  facility 
management. 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  OS  1100  Security  Release  I  has  been  evaluated  by 
the  National  Computer  Security  Center  (NCSC)  against  the  requirements  specified  by  the 
Department  of  Defense  Trusted  Computer  System  Evaluation  Criteria  [DOD  5200.28-STD] 
(the  Criteria)  dated  December  1985. 

The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  OS  1100  Security 
Release  I  satisfies  all  the  specified  requirements  of  the  Criteria  is  class  Bl. 

The  Trusted  Computer  System  Evaluation  Summary  Chart  indicates  the  requirements  and 
corresponding  level  that  OS  1100  Security  Release  I  satisfies. 

For  a  complete  description  of  how  the  OS  1100  operating  system  satisfies  each  requirement  of 
the  Criteria,  see  Final  Evaluation  Report,  UNISYS  OS  1100  (Report  No.  CSC-EPL-89/004). 
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Trusted  Computer  System  Evaluation  Summary  Chart 
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not  infer  any  assurance  above  this  level. 


System  Name: 

Unisys  Corportation 
OS  1100 

Security  Release  I 

Evaluation  Date:  27  September  1989 


Serial  No. 


CSC-EPL-89/005 


EVALUATED  PRODUCT:  VM/SP  or  VM/SP  HPO  Conversational 

Monitor  System  (CMS)  ^ 

Resource  Access  Control  Facility  (RACF) 
Directory  Maintenance  Licensed  Program 
Product  (DIRMAINT) 

VMTAPE-MS 

Interactive  System  Productivity  Facility  (ISPF) 

VENDOR:  International  Business  Machines  Corporation 

VERSION  EVALUATED:  VM/SP  Release  5  VM/SP  HPO  Release  5 

CMS  Release  5  RACF  Release  1.8.2 
DIRMAINT  Version  1.4 
VMTAPE-MS  Release  4.1 
ISPF  Release  2.2 

EVALUATION  DATE:  28  September  1989 

OVERALL  EVALUATIONCLASS:  C2 


PRODUCT  DESCRIPTION: 

VM/SP  (with  or  without  HPO)  with  RACF,  running  on  any  IBM  System/370  processor 
and  related  peripherals  that  it  supports,  is  a  trusted  computing  system  that  provides  dis¬ 
cretionary  access  control  for  all  user  data  and  other  resources  by  giving  each  user  a  virtual 
machine  (VM)  for  the  execution  of  his  own  process,  and  by  mediating  all  attempts  by  users 
running  in  other  VMs  to  access  the  resources  of  any  VM.  Each  user  also  has  a  dedicated 
subset  of  system  DASD,  referred  to  as  minidisks,  and  CP  mediates  all  attempts  to  access 
any  minidisk  by  any  VM  other  than  that  of  the  minidisk’s  owner. 

VM/SP  also  provides  four  types  of  Interprocess  Communications  (IPC)  and  enforces  dis¬ 
cretionary  access  control  among  users  of  IPC.  CMS  provides  a  single-user  operating  system 
within  each  VM  that  allows  the  user  access  to  real  and  virtual  devices  and  to  files  on  the 
user’s  own  minidisk.  Other  products,  all  compatible  with  Virtual  Machine/System  Product 
Release  5  and  included  in  the  evaluation,  are  described  below. 

^CMS  is  shipped  by  IBM  when  VM/SP  is  ordered;  it  is  not  a  separately  purchased  product.  CMS  is 
separately  installed  into  the  VM/SP  system  and,  in  fact,  the  VM/SP  system  will  operate  without  CMS 
running  in  any  user  VM.  However,  CMS  is  used  by  several  components  of  the  TCB  and,  therefore,  must  be 
installed  in  several  of  the  system  VMs. 
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Resource  Access  Control  Facility  (RACF)  is  IBM’s  strategic  facility  for  providing  security 
services  and  support  to  VM/SP  as  well  as  many  other  IBM  products.  RACF  provides  numer¬ 
ous  functions  and  features  that  greatly  enhance  an  installation’s  control  over  its  resources. 
RACF’s  flexibility  and  functionality  supply  a  common  base  for  security  within  many  IBM 
products.  VM/SP  with  RACF  makes  available  privilege  and  protection  mechanisms  to  limit 
user  access  to  system- controlled  structures  in  physical  storage,  user-controlled  resources  in¬ 
cluding  virtual  spool  files  and  minidisks,  and  system-  controlled  devices.  The  evaluated 
product  also  provides  extensive  audit  capabilities.  RACF  allows  the  owner  of  any  resource 
to  specify,  down  to  the  granularity  of  a  single  user,  who  will  be  allowed  access  to  the  resource. 
RACF  is  consulted  by  CP  before  allowing  any  requested  access. 

ISPF  provides  a  set  of  menus  that  are  used  as  an  administrative  interface  to  allow  appropriate 
privileged  users  to  add  new  users  and  their  minidisks  to  the  system  while  maintaining  the 
integrity  of  the  RACF  and  VM/SP  databases  of  users  and  resources. 

DIRMAINT  allows  appropriate  privileged  users  to  maintain  the  VM/SP  directory  of  users, 
their  virtual  machine  configurations,  privileges  and  options,  with  the  restriction  that  the 
ISPF  menus  are  required  to  modify  database  entries  for  users  and  minidisks. 

VMTAPE-MS  maintains  a  Tape  Management  Catalog  which  enforces  discretionary  access 
control  over  standard-labeled  tape  volumes,  allowing  unprivileged  users  read  and  write  access 
to  their  own  tapes  while  preventing  their  access  to  those  of  others. 

Additional  system  features  include  the  capability  to  audit  all  CP  commands  and  DIAGNOSE 
functions,  all  SPOOL  functions,  and  each  of  the  four  types  of  interprocess  (inter-virtual 
machine)  communications;  extensive  audit  reduction  capabilities;  the  ability  to  support  a 
different  operating  system,  or  a  different  version  of  the  same  operating  system,  within  each 
VM  and  still  provide  process  isolation  through  a  combination  of  hardware  and  software 
techniques;  and  the  use  of  trusted  subjects,  in  the  form  of  Service  Virtual  Machines,  to 
provide  security  relevant  services  in  a  secure  and  efficient  manner. 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  VM/SP  with  RACF  has  been  evaluated  by  the  National 
Computer  Security  Center  (NCSC)  against  the  requirements  specified  by  the  Department  of 
Defense  Trusted  Computer  System  Evaluation  Criteria  [DOD  5200.28-STD]  (the  Cxiteria) 
dated  December  1985. 

The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  VM/SP  with 
RACF  satisfies  all  the  specified  requirements  of  the  Criteria  is  class  C2. 

The  Trusted  Computer  System  Evaluation  Summary  Chart  below  indicates  the  requirements 
and  corresponding  level  that  VM/SP  with  RACF  satisfies. 
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Trusted  Computer  System  Evaluation  Summary  Chart 
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□  Does  Not  Satisfy  the  Requirement  For  This  Class 


No  Requirements  For  This  Class 


Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

International  Business  Machines  Corporation 
VM/SP  with  RACE 

Evaluation  Date:  28  September  1989 


The  rating  given  to  the  evaluated  system  (viz.,  C2)  is  the  highest  level  of  the  Criteria  at 
which  the  system  satisfies  all  the  specified  requirements.  For  a  complete  description  of  how 
VM/SP  with  RACF  satisfies  each  requirement  of  the  Criteria,  see  Final  Evaluation  Report, 
International  Business  Machines  Corporation  VM/SP  with  RACF  (Report  No.  CSC-EPL- 
89/005).  In  addition,  the  Report  should  also  be  consulted  for  the  complete  lists  of  evaluated 
hardware  and  software  components  as  well  as  all  the  necessary  Authorized  Program  Analysis 
Report  (APAR)  numbers. 

To  get  the  exact  version  evaluated,  order  the  ”C2  Security  (US  Dept,  of  Defense)  Features.” 
the  complete  list  of  PUT  service  applied  to  each  of  the  products  above  to  create  the  evaluated 
system  can  be  found  in  the  NCSC  Final  Evaluation  Report  for  this  system. 
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Serial  No. 


CSC-EPL-90/002 


EVALUATED  PRODUCT:  Multiple  Virtual  Storage/ System  Product  (MVS/SP) 

Job  Entry  Subsystem  2  (JES2) 

Job  Entry  Subsystem  3  (JES3) 

Data  Facility  Product  (DFP) 

Resource  Access  Control  Facility  (RACF) 

Time  Sharing  Option  /  Extensions  (TSO/E) 
Advanced  Communications  Function  /  Virtual 
Telecommunications  Access  Method  (ACF /VTAM)  ^ 
Print  Services  Facility  (PSF) 

Enterprise  Systems  Architecture/370  (ESA/370)  ^ 
(collectively  referred  to  as  MVS/ESA)  ^ 

VENDOR:  International  Business  Machines  Corporation 

VERSION  EVALUATED:  MVS/SP  Version  3  Release  1.3 

JES2  Version  3  Release  1.3 

JES3  Version  3  Release  1.3 

DFP  Version  3  Release  1.1 

RACF  Version  1  Release  9 

TSO/E  Version  2  Release  1.1 

ACF/VTAM  ESA  Version  3  Release  3 

PSF  Version  1  Release  3 

EVALUATION  DATE:  17  September  1990 

OVERALL  EVALUATION  CLASS:  B1 


PRODUCT  DESCRIPTION: 

MVS/SP  is  IBM’s  operating  system  for  its  computers  that  offer  the  Enterprise  Systems 
Architecture  (ESA/370).  The  system  provides  generalized  facilities  that  support  a  wide 
variety  of  usages  including  concurrent  execution  of  multi-user  time-sharing,  batch,  and  real¬ 
time  applications. 

RACF  is  IBM’s  strategic  facility  for  providing  security  services  and  support  to  MVS/SP. 


^ACF/VTAM  isa  registered  trademark  of  the  IBM  Corporation. 
^ESA/370  is  a  registered  trademark  of  the  IBM  Corporation. 
®MVS/ESA  is  a  registered  trademark  of  the  IBM  Corporation. 
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RACF  provides  numerous  functions  and  features  that  greatly  enhance  an  installation’s  con¬ 
trol  over  its  resources.  RACF’s  flexibility  and  functionality  supply  a  common  base  for  security 
within  many  IBM  products.  MVS/SP  with  RACF  make  available  privilege  and  protection 
mechanisms  to  limit  user  access  to  system-controlled  structures  in  physical  storage,  system- 
structured  volumes  and  files,  and  certain  devices. 

The  evaluated  software  encompasses  all  other  products  listed  above  supplying  MVS/SP  with 
a  wide  functionality.  Furthermore,  several  MVS/ESA  systems  may  be  operated  together 
within  an  MVS/ESA  JES  complex  while  retaining  the  overall  rating.  Eventhough  MVS/ESA 
has  all  the  features  necessary  for  networking,  the  B1  rating  applies  to  only  those  MVS/ESA 
systems  utilized  as  stand-alone  systems. 

MVS/ESA  uses  resource  access  control  lists  to  provide  discretionary  access  controls  and 
maintains  a  security  label  for  each  subject  and  object  by  which  mandatory  access  control 
decisions  are  made.  Additionally,  MVS/ESA  provides  user  identification  and  authentica¬ 
tion  through  user  IDs  and  passwords,  and  individual  accountability  through  its  auditing 
capability. 

The  ESA/370  architecture  specifies  several  protection  mechanisms.  In  general,  user  programs 
execute  in  the  problem  state  while  the  system  programs  run  in  the  supervisor  state.  User 
separation  is  achieved  with  an  extensive  memory  and  address  space  management.  System 
programs  are  further  isolated  by  means  of  protection  keys. 

The  evaluated  software  is  supported  by  IBMj  processors  supporting  ESA/370.  This  product 
line  ranges  from  mid-range  4381  computers  to  3090  mainframes  with  six  central  processors 
and  six  vector  facilities.  In  addition,  fifteen  models  of  the  3090  computers  may  be  operated  in 
certain  partitioned  configurations  while  maintaining  the  security  of  each  system  and,  hence, 
the  awarded  rating. 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  MVS/ESA,  configured  according  to  the  most  secure 
manner  described  in  the  Trusted  Facility  Manual,  has  been  evaluated  by  the  National  Com¬ 
puter  Security  Center  (NCSC)  against  the  requirements  specified  by  the  Department  of  De¬ 
fense  Trusted  Computer  System  Evaluation  Criteria  [DOD  5200.28-STD]  dated  December 
1985. 

The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  MVS/ESA  sat¬ 
isfies  all  the  specified  requirements  of  the  Criteria  is  class  Bl.  Due  to  IBM’s  decision  not 
to  participate  in  the  Ratings  Maintanence  process,  the  NCSC  is  unable  to  evaluate  future 
changes  to  the  system. 
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The  figure  below  indicates  the  requirements  and  corresponding  level  that  MVS/ESA  satisfies. 


Trusted  Computer  System  Evaluation  Summary  Chart 
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within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  Infer  any  assurance  above  this  level. 


The  rating  given  to  the  evaluated  system  (viz.,  Bl)  is  the  highest  level  of  the  Criteria 
at  which  the  system  satisfies  all  the  specified  requirements.  For  a  complete  description 
of  how  MVS/ESA  satisfies  each  requirement  of  the  Criteria,  see  Final  Evaluation  Report^ 
International  Business  Machines  Corporation  MVS/ESA  (Report  No.  CSC-EPL-90/002). 
In  addition,  the  Report  should  also  be  consulted  for  the  complete  lists  of  evaluated  hardware 
and  software  components  as  well  as  all  the  necessary  PTF  numbers. 


System  Name: 

International  Business  Machines  Corp. 
MVS/ESA 


Evaluation  Date:  17  September  1990 


4-3b.35 


Serial  No: 


CSC-EPL-90/004 


EVALUATED  PRODUCT:  SVS/OS  CAP  1.0 

VENDOR:  Wang  Laboratories,  Inc. 

EVALUATION  DATE:  28  September  1990 

OVERALL  EVALUATION  CLASS:  C2 

PRODUCT  DESCRIPTION: 

Wang’s  Secure  Virtual  Storage  Operating  System  with  Controlled  Access  Protection,  SVS/OS 
CAP  1.0,  runs  on  the  Wang  VS  Product  Family,  a  series  of  32-bit  super- minicomputers  with 
a  virtual  memory  system  that  can  support  from  512  KB  to  32  MB  of  addressable  physical 
storage.  SVS/OS  CAP  1.0  consists  of  the  VS  operation  system.  Release  7.33.36,  Enhanced 
Security  Access  Controls  (ESAC)  Version  2.0,  and  I/O  Device  Support  Package  Version  5.0. 

SVS/OS  CAP  1.0  is  a  general-purpose  time-sharing  system  which  supports  identification  and 
authentication  of  users,  discretionary  access  controls,  object  reuse  protection,  and  auditing. 

SVS/OS  CAP  1.0  provides  isolation  of  the  TCB  from  users.  Process  isolation  is  implemented 
through  the  use  of  individual  process  virtual  address  spaces  and  hardware  memory  protection 
mechanisms. 

User  accounts  are  maintained  in  a  protected  system  file  by  the  System  Administrator.  Each 
account  has  a  logon  ID  and  a  password.  SVS/OS  CAP  1.0  also  provides  optional  password 
control  capabilities  which  include  system  generated  passwords;  password  expiration;  ID  by 
time  and  date;  enforcing  minimum  password  length;  maintaining  a  password  history  to 
prevent  their  reuse;  and  password  encryption. 

Discretionary  access  controls  (DAC)  on  files  consist  of  access  control  lists  and  file  protection 
classes  which  use  hierarchical  access  levels  (Write,  Read,  Execute,  and  Null).  The  access 
control  lists  can  allow  access  by,  or  deny  access  to,  individuals  or  groups  of  individuals. 

SVS/OS  CAP  1.0  provides  auditability  of  all  security-relevant  events.  The  SA  can  select 
events  to  be  audited,  create  log  files,  and  specify  log  file  sizes.  The  selectivity  of  events  is 
based  on  three  categories:  system,  file,  and  user.  System  events  are  the  events  auditable  for 
eery  file  and  user  on  the  system.  File  events  are  the  auditable  events  related  to  a  particular 
file,  or  set  of  files,  and  user  events  are  the  events  auditable  for  a  given  user  ID  or  set  of  user 
IDs,  including  operators.  The  SA  is  able  to  select  events  to  be  audited  through  a  menu- 
driven  interface.  VS/OS  CAP  1.0  allows  the  SA  to  produce  reports  based  upon  the  audit 
data.  These  reports  are  easy  to  read  and  interpret. 
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EVALUATION  SUMMARY: 


The  security  protection  provided  by  SVS/OS  CAP  1.0  has  been  evaluated  by  the  National 
Computer  Security  Center  (NCSC)  against  the  requirements  specified  by  the  Department  of 
Defense  Trusted  Computer  System  Evaluation  Criteria^  (TCSEC),  26  December  1985,  DOD 
5200.28-STD,  and  under  the  provisions  of  the  Rating  Maintenance  Phase  (RAMP).  The 
evaluated  hardware  set  includes  the  following  CP-types:  CP4,  CP7,  CP8,  CP9,  CplO,  and 
CP12. 


The  Trusted  Computer  System  Evaluation  Summary  Chart  on  the  next  page  indicates  the 
requirements  and  corresponding  level  that  SVS70S  CAP  1.0  satisfies.  For  a  complete  descrip¬ 
tion  of  how  SVS/OS  CAP  1.0  satisfies  each  requirement  of  the  TCSEC,  see  Final  Evaluation 
Report,  Wang  Laboratories,  Inc.,  SVS/OS  CAP  f.0(Report  No.  CSC-EPL-90/004). 


Trusted  Computer  System  Evaluation  Summary  Chart 
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conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

Wang  Laboratories,  Inc. 
SVS/OS  CAP  1.0 


Evaluation  Date:  28  September  1990 
_ \ _ 
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Serial  No. 


CSC-EPL-91/003 


EVALUATED  PRODUCT: 
VENDOR: 

VERSION  EVALUATED: 
EVALUATION  DATE: 

OVERALL  EVALUATION  CLASS: 


Trusted  XENIX 

Trusted  Information  Systems,  Inc.  (TIS) 
Trusted  XENIX  Version  2.0 
22  January  1991 
B2 


PRODUCT  DESCRIPTION: 

Trusted  XENIX  Version  2.0  (Trusted  XENIX)  ^  is  a  UNIX- like, multi-level  secure  operating 
system  for  the  IBM  Personal  Computer  AT  (PC  AT),  and  IBM  Personal  System/2  (PS/2) 
Models  50,  60,  70,  TOT,  70P  and  80  ^  .  It  is  a  multi-user,  multi-tasking  system  which  can 
support  up  to  six  concurrent  users  using  currently  available  IBM  equipment.  Trusted  XENIX 
contains  many  functional  and  security  enhancements  while  maintaining  binary  compatibility 
with  programs  developed  under  IBM  Personal  Computer  XENIX  versions  1.0  and  2.0. 

Trusted  XENIX  is  designed  to  provide  a  high  level  of  security  for  environments  requiring 
trusted  desktop  data  processing.  Trusted  XENIX  enforces  a  mandatory  security  policy  based 
on  the  Bell  and  LaPadula  security  model.  Discretionary  access  controls  include  traditional 
UNIX  ^  protection  bits,  as  well  as  Access  Control  Lists.  Trusted  XENIX  performs  user 
identification  and  authentication,  generates  audit  trail  records,  and  provides  a  base  upon 
which  to  build  secure  application  programs.  Evaluated  hardware  configurations  include  a 
range  of  disks,  disk  controllers,  video  configurations,  and  a  cartridge  tape  unit  for  fast  system 
back-up  and  restore. 

The  system  enforces  the  ’’principle  of  least  privilege”  (i.e.,  users  should  have  no  more  au¬ 
thorization  than  what  is  required  to  perform  their  functions)  for  each  of  the  four  defined 
privileged  user  roles  available  in  multi-user  mode.  These  privileged  users  are  assigned  to 
one  of  the  four  following  roles:  System  Security  Administrator,  Secure  Operator,  Account 
Administrator,  and  Auditor.  This  separation  is  supported  by  strictly  limiting  privileged 
users  to  predefined  operations.  In  addition,  all  actions  performed  by  privileged  users  can  be 
audited,  and  the  audit  log  cannot  be  modified  by  unprivileged  users,  the  System  Security  Ad¬ 
ministrator,  Secure  Operator,  or  Account  Administrator.  In  addition,  there  is  also  a  Trusted 
System  Programmer  who  is  responsible  for  initial  hardware  and  system  configuration.  This 
role  only  exists  in  single-user  mode. 

^XENIX  is  a  trademark  of  the  Microsoft  Corporation. 

^IBM,  Personal  Computer  AT  and  Personal  System/2  are  registered  trademarks  of  the  IBM  Corporation. 

^UNIX  is  a  registered  trademark  of  AT&T  Bell  Laboratories,  Inc. 
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No  Additional  Requirements  For  This  Class 

(♦I  Meets  or  Exceeds  the  Requirements  For  This  Class 

Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

Trusted  Information  Systems,  Inc. 
Trusted  XENIX  Version  2.0 


Evaluation  Date:  22  January  1991 


EVALUATION  SUMMARY: 


The  security  protection  provided  by  Trusted  XENIX,  configured  according  to  the  most  se¬ 
cure  manner  described  in  the  Trusted  Facility  Manual,  has  been  evaluated  by  the  National 
Computer  Security  Center  (NCSC)  against  the  requirements  specified  by  the  Department  of 
Defense  Trusted  Computer  System  Evaluation  Criteria  [DOD  5200.28-STD]  dated  December 
1985. 

The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  Trusted  XENIX 
satisfies  all  the  specified  requirements  of  the  Criteria  is  class  B2.  In  addition,  Trusted  XENIX 
satisfies  the  functionality  of  the  B3  requirements  for  DAC,  Trusted  Path,  and  Trusted  Facility 
Management. 

For  a  complete  description  of  how  Trusted  XENIX  satisfies  each  requirement  of  the  Criteria, 
see  Final  Evaluation  Report,  Trusted  Information  Systems^  Trusted  XENIX  (Report  No. 
CSC-EPL-91/003).  In  addition,  the  report  should  also  be  consulted  for  the  complete  lists  of 
evaluated  hardware  and  software  components. 
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Serial  No. 


CSC-EPL-91/004 


EVALUATED  PRODUCT:  Compartmented  Mode  Workstation  Plus  (CMW-f)  ^ 

Version  1.0 


VENDOR: 


SecureWare,  Inc. 


EVALUATION  DATE:  30  January  1991 

EVALUATION  CLASS:  B1 


PRODUCT  DESCRIPTION: 

SecureWare’s  Compartmented  Mode  Workstation  Plus  (CMW+)  Version  1.0  is  a  multilevel 
secure  version  of  Apple  Computer’s  A/UX  ^  Release  1.1  for  the  Macintosh  IIx  and  Macintosh 
Ilex  ^  workstations.  It  incorporates  trusted  multilevel  versions  of  the  X  Window  System 
Version  11,  Release  3  (X11R3)  and  the  OSF/Motif  Window  Manager  Version  1.0.  CMW+ 
is  a  general-purpose,  multi-tasking  operating  system  with  a  windowing  environment.  It 
adds  the  security  and  functional  enhancements  required  by  the  Trusted  Computer  System 
Evaluation  Criteria  (TCSEC)  to  A/UX,  the  X  Window  System  ^  and  the  OSF/Motif  ^ 
Window  Manager. 

CMW-f  is  designed  to  provide  security  for  environments  requiring  trusted  desktop  data  pro¬ 
cessing.  In  addition  to  providing  the  traditional  user  specified  access  controls  (i.e.,  discre¬ 
tionary  access  controls)  through  protection  bits,  CMW-f  provides  access  control  lists,  which 
provide  a  more  flexible  user  specified  access  mechanism,  and  mandatory  access  control,  to 
control  the  distribution  of  information  protected  by  the  system  to  only  those  users  who  have 
been  authorized  for  the  information.  The  mandatory  security  policy  is  consistent  with  the 
Bell-La  Padula  model  and  conforms  with  Department  of  Defense  policy.  In  addition,  CMW-f 
provides  an  information  labeling  policy  on  the  information  contained  in  objects.  A  virtually 
unlimited  number  of  classifications  and  compartments  are  supported. 

CMW-f  provides  user  identification  and  authentication  through  usernames  and  passwords, 
and  individual  accountability  through  its  auditing  mechanisms.  The  authentication  features 
of  CMW-f  comply  with  the  guidelines  recommended  in  the  DoD  Password  Management 
Guideline,  CSC-STD-002-85.  The  auditing  mechanism  is  controlled  from  a  Motif-based 
interface  and  supports  pre  and  post-selection  by  user,  group,  event  and  sensitivity  level 
range. 


^CMW-|-  is  a  trademark  of  SecureWare,  Inc. 

^A/UX  is  a  trademark  of  Apple  Computer,  Inc. 

^Apple  and  Macintosh  are  registered  trademarks  of  Apple  Computer,  Inc. 

“^The  X  Window  System  is  a  tradmark  of  the  Massachusetts  Institute  of  Technology 
®OSF/Motif  and  Motif  are  trademarks  of  Open  Software  Foundations,  Inc. 
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A  trusted  X  server  and  trusted  Motif  window  manager  provide  a  trusted  path  mechanism 
for  login  and  for  performing  security-relevant  functions.  The  security  policies  have  been 
implemented  using  X  protocol  extensions  in  a  binary  backwards- compatible  manner. 

The  system  supports  three  separate  privileged  user  roles  as  defined  in  the  ^ 

maintaining  the  system:  System  Administrator,  Information  System  Security  Officer  (ISSO) 
and  Operator.  Motif-based  programs  are  provided  for  the  System  Administrator  and  b  ^ 
to  enable  them  to  easily  administer  the  audit  subsystem,  user  accounts  and  the  device 

subsystem. 

CMW-f  supplies  a  privilege  mechanism  and  a  number  of  discrete  privileges  that  may  be  used 
to  implement  the  principle  of  least  privilege.  CMW-|-  also  supports  configurable  command 
authorizations  on  a  per  user  basis  to  limit  access  to  various  commands.  CMW+  is  delivered 
with  a  number  of  programs  which  may  be  used  to  reduce  the  likelihood  of  data  compromise 
in  the  event  of  a  system  failure. 

CMW-f  can  transfer  data,  including  all  security  attribute  information,  to  and  from  other 
SewcureWare  based  systems  via  removable  media.  SecureWare  has  designed  CMW-|-  to  be 
compatable  with  many  other  systems  that  are  available  in  the  marketplace. 

EVALUATION  SUMMARY 

The  security  protection  proveded  by  SecureWare  Compartmented  Mode  Workstation  Plus 
(CMW-f)  operating  system  running  on  Apple  Macintosh  IIx  or  Ilex  workstations,  config¬ 
ured  as  described  in  the  CMW+  Trusted  Facility  Manual,  has  been  evaluated  against  the 
requirements  specified  by  the  Department  of  Defense  Trusted  Computer  System  Evaluation 
Criteria  [DoD  5200.28-STD],  dated  1985. 

The  evaluation  team  has  determined  that  the  highest  class  at  which  SecureWare  CMW-f 
satisfies  all  the  specified  requirements  of  the  Criteria  is  Bl.  In  addition,  SecureWare  CMW-I- 
satisfies  the  funcionality  of  the  B2  requirement  for  Configuration  Management,  the  B3  re¬ 
quirement  for  DAC,  Trusted  Path,  Trusted  Facility  Management,  Trusted  Recovery,  and  the 
A1  requirement  for  Trusted  Distribution. 

In  conjunction  with  the  TCSEC  evaluation,  CMW+  was  also  evaluated  against  the  Com- 
partmented  Mode  Workstation  Requirements  of  the  Security  Requirements  for  Systems  High 
and  Compartmented  Mode  Workstations.  Se  the  entry  in  the  TCB  Extentions  List  for  more 
information. 

For  a  complete  description  of  how  SecurewWare  CMW-t-  satisfies  each  requirement  of  the  TC¬ 
SEC,  se  Final  Evaluation  Report,  SecureWare  Inc.,  CMW+  (Report  No.  CSC-EPL-91/004). 
In  additin  the  report  should  be  consulted  for  the  complete  lists  of  evaluated  hardware  and 
software  components. 
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Trusted  Computer  System  Evaluation  Summary  Chart 
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□  Does  Not  Satisfy  the  Requirement  For  This  Class 


No  Requirements  For  This  Class 


No  Additional  Requirements  For  This  Class 

[1  Meets  or  Exceeds  the  Requirements  For  This  Class 

Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  Infer  any  assurance  above  this  level. 


System  Name: 

SecureWare  Incorporated 
Compartmented  Mode  Workstation  Plus 

Evaluation  Date:  30  January  1991 
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ADD-ON  PACKAGE  EPL  ENTRIES 


EVALUATED  PRODUCT: 


Serial  No.  CSC-EPL-84/001 

Resource  Access  Control  Facility  (RACF) 


VENDOR:  International  Business  Machines,  Corp. 

VERSIONS:  RACF  Version  1  Release  5 

DATE:  23  July  1984 

OVERALL  EVALUATION  CLASS:  Cl 


PRODUCT  DESCRIPTION 

RACF  is  IBM’s  MVS  facility  that  provides  controlled  access  to  system  resources.  RACF 
with  MVS/370  was  the  evaluated  configuration;  however,  RACF  is  also  supported  under 
MVS/XA.  RACF  is  designed  to  limit  access  to  resources  by  identifying  authorized  users  and 
protected  resources,  then  controlling  users’  access  to  those  resources. 

RACF  also  provides  the  security  administrator  with  the  option  of  default  protection  on 
permanent  Direct  Access  Storage  Device  (DASD)  data  sets.  RACF  provides  protection  for 
data  sets  resident  on  DASD,  IBM  Mass  Storage  Systems  (MSS)  and  tape  volumes.  Access 
levels  of  ALTER,  CONTROL,  UPDATE,  READ,  and  NONE  are  supported  for  DASD  data 
sets.  Interfaces  between  RACF  and  other  IBM  products,  including  Information  Management 
System  (IMS)  and  Customer  Information  Control  System  (CICS),  are  supported  by  IBM. 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  the  IBM  Resource  Access  Control  Facility  (RACF)  Ver¬ 
sion  1,  Release  5  running  with  the  Multiple  Virtual  Storage/System  Product  (MVS/SP) 
1.3.2  operating  system  has  been  evaluated  by  the  Department  of  Defense  Computer  Security 
Center  (DoDCSC).  The  security  features  of  RACF/MVS  were  evaluated  against  the  require¬ 
ments  specified  by  the  Department  of  Defense  Trusted  Computer  System  Evaluation  Criteria 
(the  Criteria),  dated  15  August  1983. 

The  DoDCSC  evaluation  team  has  determined  that  the  highest  class  at  which  RACF/MVS 
satisfies  all  the  specified  requirements  of  the  Criteria  is  class  Cl.  Further,  RACF/MVS  was 
found  to  meet  or  exceed  many  of  the  requirements  for  class  C2. 

The  overall  system  integrity  level  of  RACF/MVS  is  Cl.  It  appears  that  RACF/MVS  can 
evolve  to  meet  the  C2  level  of  the  Criteria,  however,  RACF/MVS  can  not  meet  higher  levels 
of  the  Criteria  without  significant  modification  or  reimplementation  of  a  major  fraction  of 
MVS  and  its  supporting  subsystems. 


At  the  time  of  the  evaluation,  MVS  was  the  only  operating  system  that  supported  RACF 
Version  1  Release  5.  The  integrity  of  RACF  is  dependent  upon  the  integrity  of  the  MVS 
system  itself. 


Trusted  Computer  System  Evaluation  Summary  Chart 
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Does  Not  Satisfy  the  Requirement  For  This  Class 
H  No  Requirements  For  This  Class 

No  Additional  Requirements  For  This  Class 

^  Meets  or  Exceeds  the  Requirements  For  This  Class 

Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

International  Business  Machines  Corp. 
Resource  Access  Control  Facility 
Version  1  Release  5 


Evaluation  Date:  23  July  1984 


The  rating  given  to  the  evaluated  system  (viz.,  Cl)  is  the  highest  level  of  the  Criteria  at  which 
the  system  satisfies  all  the  specified  requirements.  The  "range  of  feasible  use”  is  intended 
to  convey  the  overall  system  integrity  level  of  the  system  as  it  is  delivered  by  the  vendor 
and  indicates  that  this  system  could  be  used  in  an  environment  requiring  an  evaluation 
class  within  this  range  so  long  as  the  missing  features  are  not  essential  to  the  operational 
capability.  For  a  complete  description  of  how  RACF /MVS  satisfies  each  requirement  of  the 
Criteria,  see  Final  Evaluation  Report,  Resource  Access  Control  Facility  (RACF),  Version  1, 
Release  5  (Report  No.  CSC-EPL-84/001). 
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Serial  No. 


CSC-EPL-84/002 


EVALUATED  PRODUCT: 
VENDOR: 

VERSIONS: 

DATE: 

OVERALL  EVALUATION  CLASS: 


PRODUCT  DESCRIPTION: 

The  ACF2  security  subsystem  is  designed  to  provide  security  for  data  stored  on  computer 
systems  using  the  IBM  MVS  or  VSI  operating  systems.  ACF2  provides  protection  by  default 
for  data  sets  resident  on  Direct  Access  Storage  Devices  (DASDs),  IBM  3850  Mass  Storage 
System  (MSS)  and  tape  volumes.  Protection  levels  of  READ,  WRITE,  ALLOCATE  (alloca¬ 
tion,  rename,  scratch  and  catalog  functions)  and  EXECUTE-only  are  supported.  Interfaces 
between  ACF2  and  many  popular  commercial  software  products  are  provided  by  SKK.  These 
software  products  include  Information  Management  System  (IMS)  and  Customer  Informa¬ 
tion  Control  System  (CICS)  by  IBM. 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  SKK’s  Access  Control  Facility  2  (ACF2)  Release  3.1.3 
running  with  Multiple  Virtual  Storage/ System  Product  (MVS/SP)  1.3.3  operating  system 
has  been  evaluated  by  the  Department  of  Defense  Computer  Security  Center  (DoDCSC). 
The  security  features  of  the  ACF2/MVS  were  tested  against  the  requirements  specified 
by  theDepartment  of  Defense  Trusted  Computer  System  Evaluation  Criteria  (the  Criteria), 
dated  15  August  1983. 

The  DoDCSC  evaluation  team  has  determined  that  the  highest  class  at  which  ACF2/MVS 
satisfies  all  the  specified  requirements  of  the  Criteria  is  class  C2. 

The  overall  system  integrity  level  of  the  ACF2/MVS  is  C2.  ACF2/MVS  can  not  meet  higher 
levels  of  the  Criteria  without  significant  modification  or  reimplementation  of  a  major  fraction 
of  MVS  and  its  supporting  subsystems. 

The  evaluation  of  ACF2  was  conducted  on  the  MVS  operating  system  only.  The  integrity 
of  ACF2  is  dependent  upon  the  integrity  of  the  MVS  system  itself. 


Access  Control  Facility  2  (ACF2) 
SKK,  Inc. 

ACF2  Release  3.1.3 
3  August  1984 
C2 
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The  rating  given  to  the  evaluated  system  (viz.,  C2)  is  the  highest  level  of  the  Criteria  at  which 
the  system  satisfies  all  the  specified  requirements.  The  ’’range  of  feasible  use”  is  intended 
to  convey  the  overall  system  integrity  level  of  the  system  as  it  is  delivered  by  the  vendor 
and  indicates  that  this  system  could  be  used  in  an  environment  requiring  an  evaluation 
class  within  this  range  so  long  as  the  missing  features  are  not  essential  to  the  operational 
capability. 
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I  I  Does  Not  Satisfy  the  Requirement  For  This  Class 
No  Requirements  For  This  Class 
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f^l  Meets  or  Exceeds  the  Requirements  For  This  Class 

Credit  given  above  the  overall  rating  recongnizes 
mechanisms  Implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

SKK 

Access  Control  Facility  (ACF2) 
Release  3.1.3 


Evaluation  Date:  3  August  1984 


For  a  complete  description  of  how  ACF2/MVS  satisfies  each  requirement  of  the  Criteria,  see 
Final  Evaluation  Report,  SKK  Access  Control  Facility  2  (ACF2),  Release  3.1.3  (Report  No. 
CSC-EPL-84/002). 
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Serial  No. 


CSC-EPL-85/002 


EVALUATED  PRODUCT:  TOP  SECRET 

VENDOR:  CGA  Software  Products  Group,  Inc. 

VERSIONS:  Version  3.0  Level  163  with 

Feature  Option  t^43 

DATE:  2  April  1985 

OVERALL  EVALUATION  CLASS:  C2 


PRODUCT  DESCRIPTION 

TOP  SECRET  is  an  add-on  security  package  developed  by  CGA  Software  Products  Group, 
Inc.  for  IBM’s  Multiple  Virtual  Storage  (MVS)  operating  system.  TOP  SECRET  provides 
default  protection  of  system  facilities,  data  sets  resident  on  DASD  devices,  and  DASD  and 
tape  volumes.  TOP  SECRET  also  provides  the  capability  for  decentralized  access  control 
through  several  layers  of  security  administration,  extensive  audit  features  (both  on-line  and 
batch),  and  the  capability  to  gradually  implement  the  security  provided  by  the  TOP  SE¬ 
CRET  package. 

Interfaces  between  TOP  SECRET  and  many  commercial  software  products  are  provided 
by  CGA.  These  include:  Information  Management  System  (IMS),  Customer  Information 
Control  System  (CICS),  ROSCOE,  COMPLETE,  TSO,  IDMS,  PANVALET,  and  others. 

EVALUATION  SUMMARY: 

TOP  SECRET  Version  3.0  Level  163  running  with  IBM’s  Multiple  Virtual  Storage/System 
Product  (MVS/SP)  operating  system  has  been  evaluated  by  the  Department  of  Defense 
Computer  Security  Center  (DoDCSC).  The  security  provided  by  TOP  SECRET  was  eval¬ 
uated  against  the  requirements  specified  in  the  Department  of  Defense  Trusted  Computer 
System  Evaluation  Criteria  (the  Criteria)  dated  15  August  1983. 

The  DoDCSC’s  evaluation  team  has  determined  that  the  highest  class  for  which  TOP  SE¬ 
CRET  Version  3.0  satisfies  all  the  requirements  of  the  Criteria  is  class  C2.  Note  that  this 
rating  is  applicable  only  to  TOP  SECRET  configured  as  detailed  in  the  final  evaluation  re¬ 
port.  TOP  SECRET  does  not  satisfy  the  requirements  for  any  of  the  B  levels  as  it  does  not 
provide  labelling  capabilities  and  thus  does  not  possess  a  mandatory  access  control  mecha¬ 
nism. 

A  class  B1  rating  is  considered  attainable  but  would  require  a  significant  amount  of  work  to 
implement  the  necessary  mechanisms.  TOP  SECRET  could  not,  however,  evolve  to  a  class 
higher  than  B1  without  a  major  reimplementation  of  the  majority  of  the  MVS  operating 
system  and  its  subsystems. 
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At  the  time  of  the  evaluation,  TOP  SECRET  Version  3.0  ran  only  with  the  MVS  operating 
system.  The  overall  integrity  of  the  TOP  SECRET  package  is  directly  dependent  upon  the 
integrity  of  the  MVS  system  itself. 
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Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

CGA  Software  Products  Group,  Inc. 
TOP  SECRET 
Version  3.0 


Evaluation  Date:  2  April  1985 


The  figure  above  indicates  the  requirements  and  corresponding  level  that  TOP  SECRET/MVS 
satisfies. The  rating  given  to  the  evaluated  system  (viz.,  C2)  is  the  highest  level  of  the  Crite¬ 
ria  at  which  the  system  satisfies  all  the  specified  requirements.  The  ’’range  of  feasible  use” 
is  intended  to  convey  the  overall  system  integrity  level  of  the  system  as  it  is  delivered  by 
the  vendor  and  indicates  that  this  system  could  be  used  in  an  environment  requiring  an 
evaluation  class  within  this  range  so  long  as  the  missing  features,  if  any,  are  not  essential  to 
the  operational  capability.  For  a  complete  description  of  how  TOP  SECRET/MVS  satisfies 
each  requirement  of  the  Criteria,  see  Final  Evaluation  Report,  TOP  SECRET  Version  3.0 
(Report  No.  CSC-EPL-85/002). 
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SUBSYSTEM  EPL  ENTRIES 


Serial  No. 


CSC-EPL-86/001 


EVALUATED  PRODUCT: 
VENDOR: 

VERSIONS: 

DATE: 


Gordian  Systems  Access  Key 
Gordian  Systems  Incorporated 
A.OO 

7  April  1986 


PRODUCT  DESCRIPTION 

The  Gordian  Systems  Access  Key  product  is  a  user  authentication  mechanism  for  use  with 
computer  systems  that  either  lack  a  user  authentication  capability  or  require  additional 
authentication  assurance.  The  Access  Key  product  is  a  ’’challenge/response  device.  After  a 
user  has  identified  himself  to  the  host  system,  the  Access  Key  system  ’’challenges”  the  user  by 
flashing  a  stimulus  on  the  terminal  screen  and  waits  for  the  user  to  enter  the  proper  password 
’’response”.  The  user  attains  the  correct  password  by  holding  the  Access  Key  device  to  the 
terminal  screen  and  allowing  it  to  read  and  decrypt  the  visual  challenge.  The  Access  Key 
device  returns  the  appropriate  six-character  password  on  its  LCD  display.  The  Access  Key 
system  consists  of  the  domino-sized  Access  Key,  software  that  is  integrated  with  the  host 
system,  and  a  ’’Key  Cutter”  device  that  initializes  each  Key  with  a  unique  encryption  profile. 

EVALUATION  SUMMARY: 

The  Gordian  Systems  Access  Key  product  has  been  evaluated  against  the  user  authentication 
requirements  specified  by  the  Department  of  Defense  Trusted  Computer  System  Evaluation 
Criteria,  dated  15  August  1983.  The  NCSC  evaluation  team  has  determined  that  the  Access 
Key  system  is  an  effective  user  authentication  mechanism.  It  can  provide  a  user  authenti¬ 
cation  capability  for  computer  security  architectures  that  lack  such  a  feature.  In  addition, 
authentication  assurance  could  be  enhanced  by  coupling  the  Access  Key  System  with  an 
existing  authentication  scheme. 

The  product  satisfies  vendor  claims  regarding  its  effective  use  as  described  in  the  Gordian 
Systems  Access  Management  Brochure,  August  1985.  The  product  is  able  to  uniquely  iden¬ 
tify  each  user,  but  it  does  not  provide  protection  for  the  host-resident  user  authentication 
data.  The  Access  Key  documentation  clearly  states  that  the  product  is  intended  for  inte¬ 
gration  with  a  security  system  that  can  restrict  access  to  the  Access  Key  software  and  data 
residing  on  the  host.  The  functional  integrity  of  the  Access  Key  system  depends  upon  the 
degree  of  protection  the  host  provides  to  this  software  and  data. 


4-3d.l 


Serial  No. 


CSC-EPL-86/002 


EVALUATED  PRODUCT:  CPP-300  Trusted  Path  Port  Protector 


VENDOR: 


Codercard  Incorporated 


VERSIONS: 


1  August  1985 


DATE: 


7  April  1986 


PRODUCT  DESCRIPTION 

The  Codercard  Trusted  Path  Port  Protector  is  a  user  authentication  mechanism  for  use 
with  computer  systems  that  either  lack  a  user  authentication  capability  or  require  addi¬ 
tional  authentication  assurance.  It  is  designed  to  operate  in  pairs,  and  to  protect  a  single 
asynchronous  communications  path  between  computers  or  equivalent  devices  such  as  termi¬ 
nals.  In  order  for  the  authentication  to  be  successful,  the  Codercard  Reader  at  each  end  of 
the  communication  line  exchanges  a  series  of  random  numbers  with  the  Codercard  at  the 
other  end.  In  this  way,  a  two-way  challenge  and  response  authentication  is  accomplished. 
Only  after  exchanges  have  been  completed  successfully  in  both  directions  is  access  to  the 
communication  line  granted. 

EVALUATION  SUMMARY: 

The  Codercard  Trusted  Path  Port  Protector  has  been  evaluated  against  the  user  authentica¬ 
tion  requirements  specified  by  the  Department  of  Defense  Trusted  Computer  System  Evalu¬ 
ation  Criteria,  dated  15  August  1983.  The  NCSC  evaluation  team  has  determined  that  the 
Trusted  Path  Port  Protector  is  an  effective  user  authentication  mechanism.  The  CPP-300 
is  not  intended  to  encrypt  data  that  goes  over  communication  links  but  merely  to  generate 
pseudo  random  numbers  and  perform  a  handshaking  protocol  that  authenticates  the  identity 
of  both  ends  of  the  communication  link.  Thus  it  is  not  intended  to  provide  any  protection 
against  eavesdropping.  In  addition,  the  CPP-300  does  not  provide  the  assurance  that  users 
are  communicating  with  the  trusted  software  on  the  host  computer  system.  However,  it  does 
assure  the  user  that  he  is  communicating  with  the  correct  host  system’s  CPP-300,  and  that 
the  user  accessing  the  system  has  a  valid  Codercard.  The  evaluation  team  recommends  the 
CPP-300  as  another  barrier  to  deny  unauthorized  users  access  to  a  computer  system  rather 
than  as  a  replacement  for  other  identification  and  authentication  mechanisms. 


4-3d.2 


Serial  No. 


CSC-EPL-86/005 


EVALUATED  PRODUCT: 
VENDOR: 

VERSIONS: 

DATE: 


Watchdog  PC  Data  Security 

Fischer  International 

4.1 

24  October  1986 


PRODUCT  DESCRIPTION 

Watchdog  is  an  IBM  PC/XT  or  compatible  software  package  which  provides  user  access 
control  to  programs  and  files  (discretionary  access  control),  user  logon  procedures  (identi¬ 
fication  and  authentication),  user  auditing  (audit),  and  object  reuse.  In  addition  to  these 
highly  desirable  security  features.  Watchdog  also  provides  some  protection  against  unautho¬ 
rized  attempts  to  either  accidentally  or  maliciously  format  or  access  the  data  stored  on  the 
fixed  disk.  Watchdog  provides  additional  data  protection  by  encrypting  stored  information. 

EVALUATION  SUMMARY: 

The  Watchdog  PC  Data  Security  Product  has  been  evaluated  against  the  user  identification 
and  authentication,  discretionary  access  control,  object  reuse,  and  audit  requirements  spec¬ 
ified  by  the  Department  of  Defense  Trusted  Computer  System  Evaluation  Criteria  dated  15 
August  1983. 

The  NCSC  evaluation  team  has  determined  that  the  Watchdog  PC  Data  Security  prod¬ 
uct,  when  configured  as  tested,  does  effectively  implement  these  mechanisms.  This  product 
maintains  user  identification  and  authentication  by  requiring  each  user  to  enter  a  proper  user 
ID  and  password  prior  to  gaining  access  to  the  computer.  Watchdog  also  mediates  access 
between  users  and  protected  files.  Users  are  only  allowed  to  access  (i.e.,  read,  read/write,  or 
create)  those  files  for  which  access  permissions  have  been  specifically  granted  by  the  System 
Administrator. 

In  the  process  of  mediating  user  access,  this  product  maintains  an  audit  record  of  users 
actions  (e.g.,  user  attempts  to  access  protected  files  -  both  success  and  failure,  user  logon, 
user  logoff,  etc.).  Watchdog  also  modifies  the  lasf  user  work  space  such  that  the  next  user 
will  not  be  able  to  recover  any  of  the  first  user’s  data.The  evaluation  team  has  determined 
that  these  security  features  can  be  maintained  only  if  the  general  user  is  prevented  from 
modifying  Watchdog’s  operating  code.  Therefore,  the  system  administrator  must  ensure 
that  the  application  programs  run  by  the  users  do  not  allow  the  user  direct  access  to  the 
IBM  DOS  operating  system  (e.g.,  programs  which  can  be  used  to  modify  system  code;  DOS 
commands,  compilers,  assemblers,  etc.). 
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Serial  No.  CSC-EPL-86/006 

EVALUATED  PRODUCT:  Sytek  PFX  A2000/A2100  (PFX  Passport) 

VENDOR:  Sytek,  Inc. 

DATE:  19  November  1986 

PRODUCT  DESCRIPTION 

The  Sytek  PFX  (model  numbers  A2000  or  A2100)  in  conjunction  with  the  PFX  Passport 
is  intended  to  serve  as  a  user  authentication  mechanism  for  use  with  a  wide  range  of  host 
architectures.  The  Sytek  PFX  A2000  which  runs  on  a  PC/AT  (or  compatible),  and  the  Sytek 
PFX  A2100  which  runs  on  a  PC,  PC/XT  and  PC/AT  computers  were  both  evaluated  by 
the  National  Computer  Security  Center.  Each  of  these  systems  consists  of  a  microcomputer 
(IBM  PC/AT  or  compatible),  associated  software,  and  a  handheld  Passport  device.  For  use, 
a  system  user  enters  his  personal  identification  number  into  the  Passport.  He  then  enters  his 
login  identification  to  the  host  system  which  prompts  him  with  a  seven  digit  challenge  and 
waits  for  a  response.  This  challenge  is  entered  into  the  Passport  device  which  combines  it 
with  seed  information  producing  a  seven  digit  response.  The  user  then  enters  this  response 
to  the  host  machine  which  allows  him  to  proceed  if  the  challenge  response  is  equivalent  to 
the  one  generated  by  the  PFX  A2000  system. 

EVALUATION  SUMMARY: 

The  PFX  A2000  and  A2100  were  evaluated  by  the  National  Computer  Security  Center  under 
the  Center’s  Computer  Security  Sub- System  evaluation  program.  Since  they  were  a  security 
sub-system,  rather  than  a  complete  computer  system,  they  were  not  evaluated  against  an 
entire  class  in  the  Department  of  Defense  Trusted  Computer  System  Evaluation  Criteria, 
dated  15  August  1983.  Rather,  they  were  assessed  as  to  how  well  they  performed  User 
Authentication  and  Audit. 

The  evaluation  team  has  determined  that  the  PFX  A2000  and  A2100  provide  a  useful  and 
effective  user  authentication  mechanism.  They  can  provide  user  authentication  for  computer 
systems  lacking  such  a  feature  or,  by  using  it  in  conjunction  with  an  existing  authentication 
mechanism,  can  enhance  authentication  assurance.  A  small  number  of  host  system  subrou¬ 
tines  must  be  written  to  facilitate  communication  between  the  host  and  the  PFX  A2000 
server.  Therefore,  special  care  must  be  taken  to  ensure  that  the  host  system  incorporates 
some  security  mechanism  to  restrict  users  from  rerouting  the  requests  from  the  host  machine 
to  the  server. 
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EVALUATED  PRODUCT: 


Serial  No.  CSC-EPL-87/001 

Access  Control  Encryption  (ACE)  System 


VENDOR:  Security  Dynamics,  Inc. 

VERSIONS:  1986,  16  port  hardware  version 

DATE:  31  March  1987 

PRODUCT  DESCRIPTION 

The  Security  Dynamics’  ACE  system  can  be  an  effective  addition  to  security  in  a  wide 
variety  of  computer  environments.  ACE  is  an  integrated  hardware/software  package  which 
provides  user  identification  and  authentication  (I&A),  trusted  path  to  host,  and  audit  on  I&A 
mechanisms  for  a  host  computer  system.  It  is  comprised  of  two  distinct  components.  The 
first,  the  Access  Control  Module  (ACM),  is  a  stand-alone  device  that  is  installed  such  that  all 
communication  channels  to  the  host  system  must  pass  through  its  protection  mechanisms. 
ACE’s  stand-alone  design  provides  basic  security  mechanisms  to  computer  systems  that 
implement  no  security  mechanisms  of  their  own.  The  second  component  is  the  SecurlD  card 
which  every  user  must  possess  in  order  to  identify  himself  to  the  ACM. 

EVALUATION  SUMMARY: 

The  ACE  system  has  been  evaluated  by  the  National  Computer  Security  Center  (NCSC) 
under  the  Computer  Security  Sub-system  evaluation  program.  Since  ACE  is  considered  to  be 
a  security  sub-system  rather  than  being  a  complete  computer  system,  it  was  evaluated  against 
a  relevant  subset  of  the  requirements  from  the  Department  of  Defense  Trusted  Computer 
System  Evaluation  Criteria,  dated  26  December  1985.  The  subset  for  this  product  includes 
I&A,  trusted  path,  and  audit  for  I&A.  The  NCSC  evaluation  team  has  determined  that  the 
ACE  system,  when  configured  as  tested,  does  effectively  implement  these  mechanisms.  This 
product  maintains  I&A  by  denying  access  to  the  host  system  until  the  user  has  provided  a 
correct  passcode.  The  ACE  system  provides  trusted  path  by  effectively  identifying  itself  to 
the  user  before  requiring  any  authentication  data  to  be  input.  All  attempts  to  access  the 
ACM,  or  the  host  via  the  ACM,  are  audited  by  the  ACE  system.  The  ACE  audit  reports 
are  complete  and  detailed. 
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Serial  No. 


CSC-EPL-87/002 


EVALUATED  PRODUCT: 


SafeWord  UNIX- Safe 


VENDOR: 


Enigma  Logic,  Inc. 


VERSION: 


3.1 


DATE: 


30  June  1987 


PRODUCT  DESCRIPTION 

SafeWord  UNIX-Safe  (SafeWord)  is  a  software  package  which,  when  running  under  the 
XENIX  operating  system,  provides  an  Identification  and  Authentication  (I&A)  mechanism 
for  users,  and  auditing  of  this  mechanism  (audit).  The  security  mechanisms  can  be  used  ei¬ 
ther  independently  or  as  supplements  to  those  already  provided  by  the  underlying  operating 
system.  The  I&A  mechanism  requires  that  each  user  first  provide  a  user  identifier  (ID).  This 
ID  is  used  by  SafeWord  to  generate  a  challenge  for  the  user.  The  user  must  first  enter  his 
personal  identification  number  and  then  the  challenge  into  a  small,  hand-held  pseudo-random 
number-generating  device.  In  return,  the  hand-held  device  generates  a  response  with  which 
the  user  may  then  complete  the  login  sequence  to  the  host  system. 

EVALUATION  SUMMARY: 

SafeWord  UNIX-Safe  has  been  evaluated  by  the  National  Computer  Security  Center  (NCSC) 
under  the  Computer  Security  Sub-system  evaluation  program.  Since  SafeWord  is  considered 
to  be  a  security  sub-system  rather  than  a  complete  trusted  computer  system,  it  was  evaluated 
against  a  relevant  subset  of  the  requirements  in  the  Department  of  Defense  Trusted  Computer 
System  Evaluation  Criteria,  dated  December  1985.  The  subset  for  this  product  includes  I&A 
and  audit  for  the  I&A. 

The  NCSC  evaluation  team  has  determined  that  SafeWord,  when  configured  as  tested,  does 
effectively  implement  these  mechanisms.  This  product  maintains  I&A  by  denying  access 
to  the  host  system  until  the  user  has  provided  an  appropriate  ID  and  the  correct  response 
to  the  subsequently  issued  challenge.  All  attempts  to  log  in  to  the  system  are  audited  by 
SafeWord.  The  audit  reports  are  complete  and  detailed. 
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Serial  No. 


CSC-EPL-87/004 


EVALUATED  PRODUCT: 
VENDOR: 

VERSIONS: 

DATE: 


Sentinel  Security  System 
Computer  Security  Corporation 
3.13 

13  July  1987 


PRODUCT  DESCRIPTION 

Triad  Plus  is  an  add-on  security  product  which,  when  implemented  on  any  IBM  PC/XT  or 
PC/AT  configured  as  tested,  provides  user  Identification  and  Authorization  (I&A),  Discre¬ 
tionary  Access  Control  (DAC)  on  objects,  DAC  on  system  resources  (RAC),  Object  Reuse, 
and  Audit  mechanisms.  Once  a  user  has  logged  onto  the  workstation,  these  mechanisms  are 
essentially  transparent.  Unless  the  user  attempts  to  exceed  his  defined  privileges,  the  only 
noticeable  difference  is  a  slight  degradation  in  workstation  performance. 

Triad  Plus  is  comprised  of  an  expansion  board,  personal  identification  tokens,  and  some 
supporting  software  utilities.  The  expansion  board  itself  provides  all  of  the  security  mecha¬ 
nisms.  These  mechanisms  are  used  in  conjunction  with  a  personal  identification  token  which 
is  used  to  provide  a  physical  element  in  the  authentication  process.  The  software  utilities 
are  provided  for  the  convenience  of  users.  However,  some  utilities  are  privileged;  only  a 
workstation  administrator  may  use  them. 

Triad  Plus  uses  an  intricate  memory  management  scheme,  referred  to  as  the  Controlled 
Access  Mechanism  (CAM),  to  protect  the  resources  on  its  expansion  board.  The  CAM 
disallows  random  access  to  the  information  on  the  board  by  only  allowing  access  through 
specific  controlled  entry  points  within  the  workstation’s  address  space. 

EVALUATION  SUMMARY: 

Triad  Plus  has  been  evaluated  by  the  National  Computer  Security  Center  (NCSC)  under 
the  Computer  Security  Sub-system  evaluation  program.  Since  Triad  Plus  is  considered  to 
be  a  security  sub-system  rather  than  a  complete  trusted  computer  system,  it  was  evaluated 
against  a  relevant  subset  of  the  requirements  in  the  Department  of  Defense  Trusted  Computer 
System  Evaluation  Criteria  (TCSEC),  dated  December  1985.  The  subset  for  this  product 
includes  I&A,  DAC,  Object  Reuse,  and  Audit.  In  addition  to  the  TCSEC  features.  Triad 
Plus  was  found  to  effectively  implement  a  technology,  referred  to  as  the  CAM. 

The  NCSC  evaluation  team  has  determined  that  Triad  Plus  is  capable  of  applying  these 
security  features  to  any  IBM  PC/XT  OR  PC/AT.  Users  are  required  to  properly  identify 
and  authenticate  themselves  before  any  access  to  the  workstation  is  allowed  and,  after  being 
properly  authenticated,  workstation  activity  is  controlled  and  monitored  by  the  Triad  Plus 
expansion  board. 
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Serial  No. 


CSC-EPL-87/008 


EVALUATED  PRODUCT:  SureKey 

VENDOR:  Key  Concepts,  Inc. 

DATE:  4  September  1987 


PRODUCT  DESCRIPTION 

SureKey  is  a  user  authentication  mechanism  for  use  with  the  IBM  PC/XT  series  computers. 
The  SureKey  system  consists  of  a  plug-in  card  which  is  inserted  into  the  BASIC  ROM 
socket  on  a  mother  board  of  an  IBM  PC/XT  (i.e.,  it  does  not  occupy  a  bus  expansion  slot). 
SureKey  authenticates  potential  users  by  requiring  each  user  to  enter  a  valid  password  prior 
to  granting  access  to  the  system.  The  SureKey  administrator,  after  password  authentication, 
can  assign  the  system  administrator  password  and  up  to  five  user  passwords  through  the  use 
of  administrator  menus.  These  passwords  are  from  three  to  eight  alpha-numeric  characters. 
SureKey  also  provides  a  method  with  which  an  authenticated  user  can  lock  the  system 
keyboard. 

EVALUATION  SUMMARY: 

The  SureKey  system  has  been  evaluated  by  the  National  Computer  Security  Center  (NCSC) 
under  the  Computer  Security  Subsystem  evaluation  program.  Since  SureKey  is  considered 
to  be  a  security  subsystem  rather  than  being  a  complete  computer  system,  it  was  evaluated 
against  a  relevant  subset  of  the  requirements  from  the  Department  of  Defense  Trusted  Com¬ 
puter  System  Evaluation  Criteria  (Criteria),  date  December  1985.  SureKey  was  assessed  as 
to  how  well  it  performs  user  authentication.  The  evaluation  team  has  determined  that  the 
SureKey  system,  when  configured  as  tested,  provides  some  user  authentication  for  an  IBM 
PC/XT.  The  SureKey  system  does  not  fully  implement  the  identification  and  authentica¬ 
tion  requirement  as  stated  in  the  Criteria,  in  that  it  only  authenticates  a  user  but  does  not 
perform  user  identification. 
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Serial  No. 


CSC-EPL-88/001 


EVALUATED  PRODUCT: 


IDX-50 


VENDOR: 


IDENTIX  Corporation 


VERSIONS: 


Version  7 


DATE: 


1  February  1988 


PRODUCT  DESCRIPTION 

IDX-50  is  a  security  product  which  uses  biometrics  to  provide  user  authentication  to  a  host 
computer.  IDX-50  supplies  the  information  based  on  a  comparison  made  between  a  user’s 
fingerprint  and  a  record,  stored  on  a  smart  card,  which  represents  the  user’s  fingerprint.  The 
result  of  this  comparison  (either  confirmed  or  denied)  is  sent  to  the  host  system.  The  IDX-50 
is  comprised  of  a  stand-alone  terminal  and  a  smart  card  for  every  user  of  the  system. 

EVALUATION  SUMMARY: 

IDX-50  is  a  security  product  which  uses  biometrics  to  provide  user  authentication  to  a  host 
computer.  IDX-50  supplies  the  information  based  on  a  comparison  made  between  a  user’s 
fingerprint  and  a  record,  stored  on  a  smart  card,  which  represents  the  user’s  fingerprint.  The 
result  of  this  comparison  (either  confirmed  or  denied)  is  sent  to  the  host  system.  The  IDX-50 
is  comprised  of  a  stand-alone  terminal  and  a  smart  card  for  every  user  of  the  system.  IDX-50 
Version  7  has  been  evaluated  by  the  National  Computer  Security  Center  (NCSC)  under  the 
Computer  Security  Sub-system  evaluation  program.  IDX-50  is  considered  to  be  a  security 
sub-system  rather  than  a  complete  trusted  computer  system.  Therefore,  it  was  evaluated 
against  a  relevant  subset  of  the  requirements  in  the  Department  of  Defense  Trusted  Computer 
System  Evaluation  Criteria,  dated  December  1985.  Specifically,  the  features  included  in  this 
evaluation  were  Identification  and  Authentication  (I&A)  and  audit  of  the  I&A. 

The  NCSC  evaluation  team  has  determined  that  the  IDX-50  can  apply  these  features  to  any 
host  system  which  provides  the  ability  to  accept  I&A  information  from  the  IDX-50  terminal. 
The  host  must  be  able  to  make  access  decision  based  on  the  information.  The  host  software 
which  provides  these  features  must  be  protected  from  modification  by  users.  The  IDX-50 
does  not  include  any  host  software. 
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Serial  No. 


CSC-EPL-88/002 


EVALUATED  PRODUCT:  Cortana  Personal  Computer  Security  System 


VENDOR: 


Cortana  Systems  Corporation 


VERSION: 


1.21 


DATE: 


18  February  1988 


PRODUCT  DESCRIPTION 

The  Cortana  Systems  Corporation,  Cortana  Personal  Computer  Security  System  Version 
1.21  is  an  IBM  PC/XT,  PC/AT,  and  compatible  hardware  and  software  package  which  pro¬ 
vides  user  access  control  to  programs  and  files  (Discretionary  Access  Control),  user  logon 
procedures  (Identification  and  Authentication),  user  auditing  (Audit),  and  secure  realloca¬ 
tion  of  memory  (Object  Reuse).  In  addition  to  these  highly  desirable  security  features,  the 
Cortana  Personal  Computer  Security  System  also  provides  protection  against  unauthorized 
DOS  function  and  procedure  calls. 

EVALUATION  SUMMARY: 

The  Cortana  Personal  Computer  Security  System  product  has  been  evaluated  against  the 
user  identification  and  authentication,  discretionary  access  control,  object  reuse,  and  audit 
requirements  specified  by  the  Department  of  Defense  Trusted  Computer  System  Evaluation 
Criteria,  dated  December  1985.  The  National  Computer  Security  Center  (NCSC)  evaluation 
team  has  determined  that  the  Cortana  Personal  Computer  Security  System,  when  configured 
as  tested,  may  implement  these  mechanisms. 

This  product  maintains  user  identification  and  authentication  by  requiring  each  user  to 
enter  a  proper  user  ID  and  password  before  gaining  access  to  the  computer.  It  also  mediates 
access  between  users  and  protected  files.  Users  are  only  allowed  to  access  (i.e.,  read,  write, 
delete)  those  files  for  which  access  permissions  have  been  specifically  granted  by  the  System 
Administrator.  In  the  process  of  mediating  user  access,  this  product  maintains  an  audit 
record  of  user  actions  (e.g.,  user  attempts  to  access  protected  files  -  both  successes  and 
failures,  user  logon,  user  logoff,  etc.).  It  also  modifies  the  last  user  work  space,  such  that  the 
next  user  will  not  be  able  to  recover  any  of  the  first  user’s  data. 

The  evaluation  team  has  determined  that  these  security  features  can  be  maintained  only 
if  the  general  user  is  prevented  from  modifying  the  system  operating  code.  Therefore,  the 
System  Administrator  must  ensure  that  the  application  programs  run  by  the  users  do  not 
allow  direct  access  to  the  IBM  BIOS  (e.g.,  programs  which  can  be  used  to  modify  system 
code,  compilers,  assemblers,  etc.). 
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Serial  No. 


CSC-EPL-88/004 


EVALUATED  PRODUCT: 
VENDOR: 

DATE: 


DPS-800/12 

Spectrum  Manufacturing  Inc. 
2  MAY  1988 


PRODUCT  DESCRIPTION 

This  product  is  intended  to  provide  protection  for  computer  systems  with  RS-232  commu¬ 
nication  ports.  The  product  consists  of  a  DPS-800/12  unit  and  optional  UV-l’s  for  users. 
The  DPS-800/12  connects  between  the  host  and  its  modems. 

Without  UV-l’s,  users  can  gain  access  to  the  host  system  by  entering  their  DPS-800/12 
passwords.  At  which  point,  the  host’s  own  logon  sequence  may  be  executed. 

When  the  optional  UV-l’s  are  included  in  the  configured  system,  users  connect  the  unit 
between  their  terminal  and  external  modem.  Depending  on  the  type  of  UV-1,  the  DPS- 
800/12  will  operate  in  either  an  asynchronous  or  synchronous  mode.  In  the  asynchronous 
mode,  users  enter  a  password  and  after  it  is  verified,  a  control  sequence  is  generated  by 
the  UV-1  before  access  will  be  granted  to  the  host  system.  In  the  synchronous  mode,  only 
the  control  sequence  is  required  to  gain  access.  The  DPS-800/12  also  provides  auditing 
capabilities. 

EVALUATION  SUMMARY: 

The  DPS-800/12  is  a  considered  to  be  a  sub-system  rather  than  a  trusted  computer  system; 
therefore  it  was  evaluated  against  a  relevant  subset  of  the  requirements  from  the  Depart¬ 
ment  of  Defense  Trusted  Computer  System  Evaluation  Criteria  (TCSEC).  The  subset  of  the 
TCSEC  that  applies  to  DPS-800/12  included  Identification  &  Authentication  and  audit. 

The  DPS-800/12  provides  some  security  functionality  when  operating  in  the  asynchronous 
mode.  In  this  mode,  it  was  determined  that  the  DPS-800/12  was  able  to  identify  and 
authenticate  users  prior  to  giving  them  access  to  a  host  system.  All  additional  features  (e.g. 
port  and  time  restrictions)  performed  as  claimed. 

The  synchronous  mode  of  operation  was  not  evaluated  since  this  mode  failed  to  meet  the 
minimum  requirements  of  the  TCSEC  for  I&A. 

The  DPS-800/12  recorded  auditable  events  as  claimed.  However,  proper  administration  of 
passwords  is  required  to  maintain  individual  accountability  because  multiple  passwords  can 
be  assigned  to  the  same  UV-1  and  its  identifying  serial  number  appears  in  the  audit  log. 
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Serial  No. 


CSC-EPL-88/005 


EVALUATED  PRODUCT: 


DIALBACK 


VENDOR: 

VERSION: 

DATE: 


Clyde  Digital  Systems 
1.5 

29  August  1988 


PRODUCT  DESCRIPTION 

The  Clyde  Digital  Systems,  DIALBACK,  Version  1.5  is  an  add-on  security  product  which  is 
designed  to  provide  user  authentication  for  any  VAX/ VMS  system  by  providing  the  capa¬ 
bility  to  redial  users  at  their  pre-assigned  telephone  number.  It  consists  of  several  software 
utilities  that  are  designed  to  provide  the  security  mechanisms.  These  utilities  attempt  to 
provide  the  ability  to  control  dial-in  lines  and  include  database  management  utilities  that 
configure  the  product.  When  DIALBACK  is  installed,  these  utilities  are  copied  to  the  VMS 
system.  Once  there,  they  must  be  protected  through  the  use  of  VMS  security  mechanisms. 

EVALUATION  SUMMARY: 

Since  DIALBACK  is  a  security  sub-system  rather  than  a  complete  system,  it  was  not  eval¬ 
uated  against  an  entire  class  in  the  Department  of  Defense  Trusted  Computer  System  Eval¬ 
uation  Criteria,  dated  December  1985.  Rather,  it  was  assessed  as  to  how  well  it  performs 
user  authentication  and  audit  of  dial-in  events. 

The  evaluation  team  has  determined  that  DIALBACK  is  a  useful,  effective  authentication 
mechanism  when  configured  as  specified  in  the  evaluation  report  and  “Appendix  A”  of  the 
DIALBACK  Reference  Manual. 

Precaution  must  be  taken  in  the  administration  of  call-back  security  systems  because  they 
rely  on  the  proper  operation  of  generally  unsecure  telephone  systems.  Administrators  of 
call-back  security  systems  must  therefore  take  great  care  in  setting  up  such  a  system  so 
that  they  do  not  create  a  situation  that  instills  a  false  sense  of  security.  The  DIALBACK 
documentation,  specifically  “Appendix  A”,  does  an  excellent  job  of  pointing  out  the  necessary 
precautions  that  must  be  taken  in  order  to  secure  such  a  system. 
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Serial  No. 


CSC-EPL-88/006 


EVALUATED  PRODUCT:  Citadel  Security  Subsystem 


VENDOR:  Computer  Security  Corporation 

VERSION:  4.0 


DATE: 


August  30,  1988 


PRODUCT  DESCRIPTION 

Citadel  is  a  software  security  product  that  provides  additional  protection  to  the  IBM  PC  (XT 
and  AT)  and  fully  compatible  machines.  Citadel  provides  Identification  and  Authentication 
(I&A)  mechanisms,  Discretionary  Access  Control  (DAC)  of  files,  and  an  Audit  Trail  to 
maintain  a  record  of  users  and  their  actions.  I&A  consists  of  a  user  entering  a  valid  ID  and 
a  corresponding  password.  The  user  is  capable  of  changing  this  password  should  he  desire 
to  and  the  Central  Administrator  (CA)  can  mandate  the  length  of  time  that  the  password 
remains  valid.  DAC  allows  the  CA  to  control  who  has  access  to  what  files.  The  audit  trail 
contains  a  record  of  illegal  login  attempts,  file  accesses,  changes  to  passwords,  etc.  This 
version  was  installed  and  tested  on  an  IBM  AT,  whereas  the  previous  version  was  tested  on 
an  IBM  XT. 

EVALUATION  SUMMARY: 

Citadel,  being  a  subsystem  rather  than  a  full  computer  system,  can  not  be  given  a  rating 
according  to  the  Department  of  Defense  Trusted  Computer  System  Evaluation  Criteria  (Cri¬ 
teria),  and  can  only  be  evaluated  on  a  relevant  subset  of  the  requirements  for  the  trusted 
computer  system.  The  I&A  functioned  properly  requiring  a  user  ID  and  a  valid  password. 
Also,  the  system  crashed  when  five  consecutive  illegal  password  attempts  were  made.  The 
Discretionary  Access  Control  functioned  properly  also  in  that  the  CA  could  set  protection 
on  files  and  assign  access  rights  to  certain  users.  These  files  were  protected  through  file 
groups  and/or  departments.  If  the  user  had  access  to  the  given  file  group  or  department, 
then  he/she  could  obtain  the  files  within  these  groups.  The  audit  log  functioned  properly 
in  that  file  access  attempts,  illegal  login  attempts,  and  changes  to  passwords  are  recorded. 
These  entries  consist  of  the  user  name  and  number,  and  in  the  case  of  file  access  attempts, 
the  file  group  and/or  the  department  number.  This  file,  the  audit  file,  is  a  hidden  file  and 
therefore  can’t  be  tampered  with  by  users.  The  CA  should  clean  up  the  file  when  the  need 
arises. 
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Serial  No. 


CSC-EPL-88/007 


EVALUATED  PRODUCT: 


Private  Access 


VENDOR: 

VERSION  EVALUATED: 
DATE: 


Computer  Accessories,  Inc. 
Model  L20 
June  7,  1988 


PRODUCT  DESCRIPTION 

Private  Access  is  a  stand-alone  device  whose  security  mechanisms  protect  against  electronic 
tampering  as  long  as  the  system  passwords  remain  guarded.  This  product  provides  the 
remote  user  of  a  single-state  host  microprocessor  with  Identification  and  Authentication 
(I&A),  an  audit  of  I&A,  various  time  of  access  capabilities  and  a  limited  amount  of  access  to 
the  host  computer.  Greater  remote  access  can  be  gained  by  use  of  software  packages  which 
are  not  provided  by  the  vendor.  Up  to  100  different  user  ID/password  combinations  can 
be  utilized.  The  company  provides  a  very  thorough  operator’s  manual  which  describes  the 
security  administrator  and  standard  user’s  capabilities. 

EVALUATION  SUMMARY: 

Private  Access  Model  L20  has  been  evaluated  by  the  National  Computer  Security  Center 
(NCSC).  Private  Access  is  considered  to  be  a  security  sub-system,  rather  than  a  complete 
trusted  computer  system.  It  was  evaluated  against  the  relevant  subset  of  the  security  re¬ 
quirements  in  the  Department  Of  Defense  Trusted  Computer  System  Evaluation  Criteria, 
dated  December  1985.  The  subset  used  for  this  product  consisted  of  identification  and  au¬ 
thentication  (I&A). 

The  NCSC  evaluation  team  has  determined  that  Private  Access,  Model  L20  when  connected 
between  a  modem  and  a  host  Personal  Computer  by  RS-232C  configured  cables  performs 
I&A  and  audit  of  I&A  for  the  remote  host. 

Overall,  Private  Access  can  protect  one  Personal  Computer  from  unauthorized  access  over  a 
single  telephone  line.  However,  because  this  is  a  sub-system,  it  is  not  capable  of  protecting 
information  with  such  assurance  that  classified  information  may  be  maintained  on  a  system 
protected  only  by  this  system.  Neither  may  Private  Access  be  used  to  upgrade  the  protection 
offered  by  other  complete  security  systems  for  the  sole  purpose  of  adding  the  ability  to  store 
or  process  classified  material.  Private  Access  may  be  added  on  to  other  protection  devices 
to  add  another  layer  of  security  but  in  no  way  may  be  used  as  justification  for  processing 
classified  material. 
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Serial  No. 


CSC-EPL-88/008 


EVALUATED  PRODUCT: 


X-LOCK  50 


VENDOR: 

VERSION: 

DATE: 


Infosafe  Corporation 


2.00 


12  September  1988 


PRODUCT  DESCRIPTION 

X-LOCK  50  is  an  add-on  security  product  which,  when  implemented  on  any  IBM  PC/XT  or 
PC/AT  configured  as  tested,  provides  user  Identification  and  Authorization  (I&A),  a  limited 
form  of  Discretionary  Access  Control  (DAC),  and  a  limited  form  of  Object  Reuse  (OR).  Once 
a  user  has  logged  onto  the  workstation,  these  mechanisms  are  essentially  transparent.  If  the 
user  attempts  to  exceed  his  defined  privileges,  the  request  for  additional  privileges  will  be 
denied. 

X-LOCK  50  is  comprised  of  an  expansion  board,  some  supporting  software  utilities,  and  an 
external  cover  lock.  The  expansion  board  includes  the  firmware  which  controls  access  to 
the  computer  and  its  disk  drive  resources,  and  the  necessary  hardware  to  store  account  and 
system  information.  The  software  provides  programs  which  perform  account  management, 
and  secure  information  erasure,  and  other  additional  functions. 

EVALUATION  SUMMARY: 

X-LOCK  50  has  been  evaluated  by  the  National  Computer  Security  Center  (NCSC).  X- 
LOCK  50  is  considered  to  be  a  security  sub- system  rather  than  a  complete  trusted  computer 
system.  Therefore  it  was  evaluated  against  a  relevant  subset  of  the  requirements  from  the  De¬ 
partment  of  Defense  Trusted  Computer  System  Evaluation  Criteria  (TCSEC),  dated  Decem¬ 
ber  1985.  The  features  included  in  this  evaluation  where  Identification  and  Authentication, 
a  limited  form  of  Discretionary  Acess  Control,  and  a  limited  form  of  Object  Reuse. 

The  NCSC  evaluation  team  has  determined  that  X-LOCK  50,  when  configured  as  tested 
is  capable  of  applying  these  security  features  on  an  IBM  PC/XT  and  a  PC/AT.  I&A  is 
maintained  on  the  protected  computer  by  requiring  that  users  enter  a  valid  user  identification 
(ID)  and  password  prior  to  gaining  access  to  the  system.  The  discretionary  access  control 
is  implemented  on  a  limited  scale  by  allowing  or  denying  an  individual  user  access  to  the 
system  or  hard  disk.  Privileges  assigned  to  users  are  determined  by  the  superuser,  (the 
system  security  administrator)  when  user  accounts  are  being  established.  Object  reuse, 
which  is  implemented  at  the  user’s  discretion,  only  writes  over  specified  files  and  does  not 
take  into  consideration  other  locations  (e.g.,  memory  buffers)  which  could  contain  residual 
data. 
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Serial  No. 


CSC-EPL-89/002 


EVALUATED  PRODUCT:  INX  4400/USM 

VENDOR:  Infotron 

VERSION:  12A.2 

DATE:  6  June  1989 

OVERALL  EVALUATION  CLASS:  I  &  A  /  D 

PRODUCT  DESCRIPTION 

The  Infotron  Intelligent  Network  Exchange  with  the  User  Security  Module  option  (INX4400/USM) 
is  a  high  capacity  digital  data  switching  system  (front-end  connection  switch)  that  handles 
asynchronous  and  synchronous  data  transmissions.  It  uses  distributed  logic  and  master- 
slave  hierarchy  to  transfer  data  and  contol  signals  between  devices  that  interface  with  the 
INX4400/USM.  The  INX4400/USM  interfaces  conform  to  EIA  RS232C  (CCITT  V.24/V.28), 
and  CCITT  V.ll  and  V.35  standards.  The  INX4400/USM  can  include  up  to  4000  I/O  in¬ 
terfaces  and  can  consist  of  64  nodes.  Because  the  USM  solely  interacts  with  asyncronous 
devices,  this  evaluation  only  addresses  asynchronous  data  transmissions. 

The  INX4400/USM  system  software  is  a  menu  driven  program  executing  from  dual  mi¬ 
cro  floppy  drive.  The  program  controls  channel  configuration,  provides  security  features 
for  access  to  the  system  console,  provides  access  to  the  various  menus,  monitors  selected 
events,  and  enables  the  USM.  The  USM  is  a  security  option  of  the  INX4400.  It  allows  an 
administrator  to  assign  ID’s,  passwords,  and  Destinations  Access  Group  (DAG)  codes  to 
users.  This  option,  in  conjunction  with  the  system  software,  provides  the  Identification  and 
Authentication  (I&A). 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  the  INX4400/USM  described  in  the  INX4400  Opera¬ 
tion  Manual  (part  number  950067,  dated  February  1988)  has  been  evaluated  by  the  National 
Computer  Security  Center  (NCSC).  The  security  features  of  the  INX4400/USM  were  evalu¬ 
ated  against  the  requirements  specified  by  the  Computer  Security  Subsystem  Interpretation 
of  the  DoD  Trusted  Computer  System  Evaluation  Criteria  (CSSI)  dated  September  1988. 

An  I&A  subsystem  requires  users  to  identify  themselves  to  it  before  they  perform  any  actions. 

A  subsystem  rated  as  an  I&:A/D2  system  must  provide  a  unique  identity  for  each  individual 
user  and  the  authentication  needed  to  provide  accountability  for  controlled  access  to  the 
protected  system,  export  user  identification  to  the  protected  system  (host),  and  an  auditing 
mechanism  to  log  security  relevant  I&A  events. 
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The  INX4400/USM  does  provide  individual  user  I&A  and  an  event  log,  but  the  INX4400/USM 
does  not  export  any  user  identification  to  the  host(s). 

The  INX4400/USM  meets  several  I&A/Dl  requirements,  but  a  product  must  meet  all  the 
requirements  of  a  given  class  to  be  given  that  class  rating.  Consequently,  the  INX4400/USM 
receives  a  I&A/D  rating. 
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Serial  No. 


CSC-EPL-89/006 


EVALUATED  PRODUCT: 
VENDOR: 

VERSION: 

EVALUATION  DATE: 

OVERALL  EVALUATION  CLASS: 


Tigersafe 

The  ALC  Group 

3.03.1 

21  September  1989 

I&A  /  D 
OR  /  D 


PRODUCT  DESCRIPTION 

The  Tigersafe  is  a  hardware  board  and  software  combination  that  does  Identification  & 
Authentication  and  Object  Reuse.  The  user  plugs  the  hardware  board  into  any  16  bit  slot 
on  the  IBM  PC/XT/ AT  or  compatible  and  installs  the  software  utilities  with  the  provided 
installation  program.  The  board  asserts  control,  once  loaded,  by  modifying  the  interrupt 
vector  table.  Tigersafe  invokes  its  own  code  that  controls  the  terminal  and  keyboard.  The 
net  result  is  a  password  banner  to  which  all  users  must  correctly  respond  to  access  the 
utilities  of  the  machine. 

The  software  utilities  provide  functional  control  of  the  Tigersafe  environment  along  with 
object  reuse  and  minimal  auditing.  Tigersafe  provides  Master  Administrator  utilities  that 
customize  the  Tigersafe  system  parameters,  initialize  users,  and  set  passwords.  Additionally, 
the  Master  Utilities  manage  user  access  to  the  hardware  resources  (hard  disk,  disk  drive, 
parallel  port,  serial  port,  communications  port,  etc.),  and  configuration  of  the  audit  tool. 
Usage  of  the  Master  Administrator  utilities  requires  an  additional  authentication  step.  There 
are  other  utilities  for  users  that  allow  them  to  change  their  password,  to  customize  the  banner 
and  to  invoke  the  password  banner  during  normal  operation,  all  with  authorization  checking 
and  optional  audit. 

EVALUATION  SUMMARY: 

The  National  Computer  Security  Center  (NCSC)  evaluated  the  security  protection  provided 
by  the  Tigersafe  against  the  requirements  specified  by  the  Computer  Security  Subsystem  In¬ 
terpretation  of  the  DoD  Trusted  Computer  System  Evaluation  Criteria  (CSSI)  dated  Septem¬ 
ber  1988. 

An  I&A  subsystem  requires  users  to  identify  themselves  to  it  before  they  do  anything  on 
the  system.  A  subsystem  rated  as  an  I&:A/D2  system  must  provide  a  unique  identifer  and 
authenticator  for  each  user.  Additionally,  it  must  use  those  items  to  control  access  to  the 
protected  system,  export  user  identification  to  the  protected  system  (host),  and  must  provide 
an  auditing  mechanism  to  log  security  relevant  I&A  events. 
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The  Tigersafe  does  provide  individual  user  I&A  and  an  event  log  and  exports  user  identi¬ 
fication  to  the  host.  Tigersafe  currently  does  not  meet  the  documentation  requirements  of 
I&A/D2  and  Object  Reuse/D2. 

The  Tigersafe  meets  several  I&A/D2  requirements,  but  products  must  meet  all  the  require¬ 
ments  of  a  given  class  to  receive  that  class  rating.  Therefore,  the  Tigersafe  receives  a  I&A/D 
and  Object  Reuse/D  rating. 

For  a  complete  description  of  how  the  Tigersafe  system  satisfies  each  requirement  of  the 
CSSI,  see  Final  Evaluation  Report,  ALC  Tigersafe  (Report  No.  CSC-EPL-89/006). 
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Serial  No. 


CSC-EPL-89/007 


EVALUATED  PRODUCT:  TriSpan 

VENDOR:  Micronyx 

VERSION:  1.1230 

EVALUATION  DATE:  29  September  1989 

OVERALL  EVALUATION  CLASS:  I&A  /  D 


DAC  /  D 
AUD  /  D 


PRODUCT  DESCRIPTION 

TriSpan  is  one  of  a  family  of  security  products  from  Micronyx.  These  products  manage  and 
control  access  to  the  IBM  PC/XT/AT.  The  product  consists  of  a  hardware  card,  electronic 
key-ringed  sized  tokens,  administrative  and  user  documentation,  and  application  software 
to  implement  its  security  features.  Once  installed,  TriSpan  provides  some  degree  of  I&A 

functionality.  The  degree  of  DAC  and  audit  that  TriSpan  provides  may  also  be  acceptable 
for  some  installations. 

EVALUATION  SUMMARY: 

The  National  Computer  Security  Center  (NCSC)  has  evaluated  the  security  protection  pro¬ 
vided  by  TriSpan.  The  security  features  for  DAC,  Audit,  and  I&A  of  TriSpan  were  evaluated 
against  requirements  of  the  Computer  Security  Subsystem  Interpretation  of  the  DoD  Trusted 
Computer  System  Evaluation  Criteria  (CSSI),  dated  September  1988. 

TriSpan  does  not  satisfy  the  assurance  and  documentation  requirements  mandated  by  the 
CSSI  for  an  I&A,  DAC,  and  Audit  component  subsystem.  TriSpan  therefore  receives  a  CSSI 
D  rating  in  each  of  these  components. 

An  I&A  subsystem  requires  users  to  identify  themselves  to  it  before  they  do  anything  on 
the  system.  ^  A  subsystem  rated  as  an  I&:A/D2  system  must  provide  a  unique  identifer 
and  authenticator  for  each  user.  Additionally,  it  must  use  those  items  to  control  access  to 
the  protected  system,  export  user  identification  to  the  protected  system  (host),  and  must 
provide  an  auditing  mechanism  to  log  security  relevant  I&A  events.  TriSpan  satisfies  the 
CSSI  functional  feature  requirement  for  I&A/D2.  However,  since  it  does  not  meet  the 
assurance  and  documentation  requirements  for  I&A  /  D2,  it  fails  to  meet  all  of  the  I&A  / 
D2  requrements,  and  consequently  receives  an  I&A  D  rating. 


4-3d.20 


A  DAC  subsystem  provides  user-specified,  controlled  sharing  of  resources.  Security  policies 
establish  the  rules  which  determine  whether  access  can  be  granted.  A  subsystem  rated  at 
DAC/D  fails  to  meet  all  the  requirements  of  a  higher  CSSI  class.  TriSpan  fails  to  meet  a 
higher  CSSI  feature  class  because  it  does  not  mediate  all  access  attempts  to  objects. 

An  auditing  subsystem  must  be  capable  of  recording  all  security  relevant  actions.  An  audit 
subsystem  with  D2  features  must  be  able  to  integrate  into  the  mechanisms  that  mediate 
access  and  perform  user  I&A.  It  must  always  be  invoked,  and  must  be  tamperproof.  TriSpan 
fails  to  meet  a  CSSI  feature  class  greater  than  D  because  non-priveleged  users  can  destroy  a 
significant  amount  of  audit  data. 

For  a  complete  description  of  how  TriSpan  satisfies  each  requirement  of  the  CSSI,  see  Final 
Evaluation  Report,  Micronyx  TriSpan  (Report  No.  CSC-EPL-89/007). 
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Serial  No. 


CSC-EPL-89/008 


EVALUATED  PRODUCT: 
VENDOR: 

VERSION: 

EVALUATION  DATE: 

OVERALL  EVALUATION  CLASS: 


MicroControl 

Wang  Laboratories,  Inc. 

MicroControl  version  1.0650 
MicroControl  Tempest  version  1.0660 

9  October  1989 

I&A  /  D 
DAC  /  D 
AUD  /  D 


PRODUCT  DESCRIPTION 

MicroControl  is  a  product  from  Wang  Laboratories  used  to  manage  and  control  access  to 
a  workstation,  the  WANG  Professional  Computer  200/300  series.  Version  1.0650  consists 
of  a  hardware  card,  electronic  key-sized  tokens,  administrative  and  user  documentation, 
and  version  specific  software  to  implement  its  security  features.  Version  1.0660  consists  of 
similar  components,  except  it  does  not  support  the  token  I&A  process.  Version  1.0660  also 
has  updated  documentation.  Once  installed,  MicroControl  provides  some  degree  of  I&A 
functionality. 

EVALUATION  SUMMARY: 

The  National  Computer  Security  Center  (NCSC)  has  evaluated  the  security  protection  pro¬ 
vided  by  MicroControl  against  the  Computer  Security  Sub-System  Interpretation  of  the  DOD 
Trusted  Computer  Systems  Evaluation  Criteria  (CSSI)  dated  September  1988. 

MicroControl  does  not  satisfy  the  assurance  and  documentation  requirements  mandated 
by  the  CSSI  for  an  I&A,  DAC,  and  Audit  component  subsystem.  MicroControl  therefore 
receives  a  CSSI  D  rating  in  each  of  these  components. 

An  I&A  subsystem  requires  users  to  identify  themselves  to  it  before  they  do  anything  on 
the  system.  A  subsystem  rated  as  an  I&A/D2  system  must  provide  a  unique  identifer 
and  authenticator  for  each  user.  Additionally,  it  must  use  those  items  to  control  access  to 
the  protected  system,  export  user  identification  to  the  protected  system  (host),  and  must 
provide  an  auditing  mechanism  to  log  security  relevant  I&A  events.  MicroControl  satisfies 
the  CSSI  functional  feature  requirement  for  I&:A/D2.  However,  since  it  does  not  meet  the 
assurance  and  documentation  requirements  for  I&A  /  D2,  it  fails  to  meet  all  of  the  I&A  / 
D2  requrements,  and  consequently  receives  an  I&A  D  rating. 


4-3d.22 


A  DAC  subsystem  provides  user- specified,  controlled  sharing  of  resources.  Security  policies 
establish  the  set  of  rules  that  MicroControl  uses  to  grant  or  deny  access.  A  subsystem  rated 
at  DAC/D  fails  to  meet  all  the  requirements  of  a  higher  CSSI  class.  MicroControl  fails  to 
meet  a  higher  CSSI  feature  class  because  it  does  not  mediate  all  access  attempts  to  objects. 

An  auditing  subsystem  must  be  capable  of  recording  all  security  relevant  actions.  An  auditing 
subsystem  must  be  able  to  integrate  into  the  mechanisms  that  mediate  access  and  perform 
user  I&A.  It  must  always  be  invoked,  and  must  be  tamperproof.  MicroControl  fails  to  meet 
a  CSSI  feature  class  greater  than  D  because  non-privileged  users  can  destroy  significant 
amount  of  audit  data. 

For  a  complete  description  of  how  MicroControl  satisfies  each  requirement  of  the  CSSI,  see 
Final  Evaluation  Report,  Wang  Laboratories  MicroControl  (Report  No.  CSC-EPL-89/008). 
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Serial  No. 


CSC-EPL-89/009 


EVALUATED  PRODUCT:  PC/DACS 

VENDOR:  Pyramid  Development  Corp. 

VERSION:  Release  2.0 

EVALUATION  DATE:  28  September  1989 

OVERALL  EVALUATION  CLASS:  DAC  /  D 

I&A  /  D 
OR  /  D 
AUD  /  D 


PRODUCT  DESCRIPTION 

PC/DACS  is  a  software  package  which  operates  on  an  IBM  PC,  PC/XT,  PC/AT,  or  lOOran- 
dom  access  memory  running  MS-DOS  or  PC-DOS  2.0  or  greater.  The  system  is  required 
to  also  have  at  least  one  floppy  disk  drive,  a  hard  disk  drive  and  a  monitor.  This  package 
adds  Identification  and  Authentication  (I&A),  Discretionary  Access  Control  (DAC),  Object 
Reuse  and  Audit  features  to  the  DOS  operating  system. 

This  product  provides  protection  of  the  following  system  objects  -  ports,  floppy  drives,  and 
files  (including  directory  and  drive).  The  subjects  are  defined  as  users  and  administrators. 
Administrators  are  the  only  privileged  subjects  and  all  administrators  are  equally  privileged. 
A  subject  must  first  logon  to  the  system  before  being  allowed  to  boot  or  use  the  system. 

The  team  noted  that  the  system  clock  which  is  used  by  Audit  for  timestamp  information 
is  not  protected  from  being  changed  by  any  user.  The  team  feels  this  is  a  problem  which 
should  be  addressed  in  the  next  release  of  the  product. 

EVALUATION  SUMMARY: 

The  National  Computer  Security  Center  has  evaluated  PC/DACS  against  the  requirements 
of  the  Computer  Security  Subsystem  Interpretation  of  the  DoD  Trusted  Computer  System 
Evaluation  Criteria  (CSSI)  dated  September  1988.  The  PC/DACS  implements  all  four  fea¬ 
tures  available  to  subsystems.  They  are  Discretionary  Access  Control  (DAC),  Object  Reuse, 
Identification  and  Authentication  (I&A),  and  Audit.  The  team  analyzed  the  requirements 
for  each  level  (Dl,  D2,  and  D3)  and  identified  the  highest  level  in  which  the  subsystem  meets 
each  feature. 

The  CSSI  requires  that  the  subsystems’  domain  must  be  protected.  PC/DACS  is  a  security 
product  that  runs  under  operating  systems  using  only  a  single-state  microprocessor.  (It  runs 
on  microprocessors  that  have  multiple-states  but  does  not  use  the  multiple-states). 
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Since  DOS  does  not  provide  this  protection,  PC/DACS  cannot  receive  a  rating  greater  than 
D  for  any  feature;  although  this  product  offers  some  advanced  features  such  as: 

t  Automatic  logoff  after  a  prescribed  idle  period, 

•  Subject’s  access  to  objects  is  determined  by  his  user  rights  or  by  a  project  s  rights  in 
which  he  is  a  member, 

•  BIOS  level  control  of  resources  so  that  the  subject  cannot  see  directories  or  files  in 
which  they  have  no  access. 

Therefore  PC/DACS  has  been  rated  as  a  DAC/D,  I&A/D,  Object  Reuse/D  and  Audit/D 
subsystem. 

For  a  complete  description  of  how  PC/DACS  satisfies  each  requirement  pf  the  CSSI,  see 
Final  Evaluation  Report,  Pyramid  PC/DACS  (Report  No.  CSC-EPL-89/009). 
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Serial  No. 


CSC-EPL-89/010 


EVALUATED  PRODUCT:  ONGUARD  4.10 

VENDOR:  EXE  Software  Inc. 

VERSION:  ONGUARD  4.10 

PRIVACY  PLUS  3.01 
MASTERKEY  3.01 

evaluation  DATE:  September  29,  1989 

OVERALL  EVALUATION  CLASS:  I&A  /  D1 

DAG  /  D1 


PRODUCT  DESCRIPTION 

ONGUARD  4.10  is  a  microcomputer  software  package  that  operates  on  an  IBM  PC,  PC /XT 
PC/AT,  or  lOOMS-DOS  or  PC-DOS.  The  product  is  a  combination  of  three  packages,  each 
of  which  is  also  sold  separately,  and  allows  as  many  as  24  users  to  share  a  system,  one  at  a 
time.  The  package  provides  a  clear  user  interface,  a  manual  for  the  System  Manager,  and  a 
User’s  manual. 

EVALUATION  SUMMARY: 

The  National  Computer  Security  Center  (NCSC)  has  evaluated  the  security  protection  pro¬ 
vided  by  ONGUARD  4.10.  The  security  features  for  DAC  and  I&A  were  evaluated  against 
the  Computer  Security  Subsystem  Interpretation  of  the  DoD  Trusted  Computer  Security 
Evaluation  Criteria  (CSSI),  dated  September  1988. 

ONGUARD  4.10  is  a  subsystem  which  provides  Identification  and  Authentication,  Discre¬ 
tionary  Access  Control,  Object  Reuse,  and  Auditing.  Access  control  is  performed  using  a 
user /file  matrix. 

Object  reuse  is  not  done  automatically  and  so  is  unrated. 

The  System  Administrator  is  not  consistently  audited  so  Audit  is  unrated.  ONGUARD 
provides  a  set  of  anti-tampering  checks  which  can  be  enabled  through  ONGUARD ’s  config¬ 
uration  file.  These  anti-tampering  checks  provide  D1  level  of  assurance  that  the  ONGUARD 
controls  cannot  be  bypassed.  Therefore  ONGUARD  receives  a  I&A/Dl  and  DAC  D1  rating. 

For  a  complete  description  of  how  ONGUARD  satisfies  each  requirement  of  the  CSSI,  see 
Final  Evaluation  Report,  United  Software  Security  ONGUARD  (Report  No.  CSC-EPL- 
89/010). 
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Serial  No. 


CSC-EPL-90/005 


EVALUATED  PRODUCT: 
VENDOR: 

VERSION: 

EVALUATION  DATE: 

OVERALL  EVALUATION  CLASS: 


Tigersafe 

The  ALC  Group 

3.03.1  EN 

26  September  1990 

I&A  /  D 
OR  /  D 


PRODUCT  DESCRIPTION 

The  Tigersafe  is  a  hardware/software  combination  that  provides  Identification  &  Authen¬ 
tication  and  Object  Reuse  functionality.  This  version  of  the  product  was  evaluated  on  a 
Zenith  model  248  and  includes  features  to  control  access  to  the  Zenith  ROM  Monitor  and 
Setup  utilities.  The  user  plugs  the  circuit  board  into  any  16  bit  slot  and  installs  the  software 
utilities  with  the  provided  installation  program.  The  board  asserts  control  as  the  system  is 
booted  by  modifying  the  interrupt  vector  table. 

Tigersafe  invokes  its  own  code  that  controls  the  terminal  and  keyboard.  The  net  result 
is  a  password  banner  to  which  all  users  must  correctly  respond  to  use  the  machine.  The 
software  utilities  provide  functional  control  of  the  Tigersafe  environment  along  with  object 
reuse.  Tigersafe  provides  Master  Administrator  utilities  that  customize  the  Tigersafe  system 
parameters,  initialize  users,  and  set  passwords.  The  utilities  also  manage  user  access  to  the 
hardware  resources  (hard  disk,  disk  drive,  parallel  port,  serial  port,  communications  port, 
etc.),  audit  configuration  utility,  and  system  setup  (ROM  Monitor).  Usage  of  the  Master 
Administrator  utilities  requires  an  additional  authentication  step.  There  are  other  utilities 
for  users  that  allow  them  to  change  their  password  and  invoke  the  password  banner  during 
normal  operation,  all  with  authorization  checking  and  optional  audit. 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  the  Tigersafe  has  been  evaluated  against  the  require¬ 
ments  specified  by  the  Computer  Security  Subsystem  Interpretation  of  the  DoD  Trusted 
Computer  System  Evaluation  Criteria  (CSSI)  dated  September  1988. 

An  I&A  subsystem  requires  users  to  identify  themselves  to  it  before  they  do^  anything  on 
the  system.  A  subsystem  rated  as  an  I&A/D2  system  must  provide  a  unique  identifier  and 
authenticator  for  each  user.  Additionally,  it  must  use  those  items  to  control  access  to  the 
protected  system,  export  user  identification  to  the  protected  system  (host),  and  must  provide 
an  auditing  mechanism  to  log  security  relevant  I&A  events. 
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The  Tigersafe  provides  individual  user  I&A  and  an  event  log  and  exports  user  identification 
to  the  host,  and  therefore  satisfies  the  functional  requirement  for  I&A/D2.  The  Tigersafe 
also  satisfies  the  functional  requirement  for  0R/D2.  The  Tigersafe  was  not  evaluated  against 
the  Discretionary  Access  Control  or  Audit  requirements  of  the  CSSI. 


In  addition  to  meeting  the  functionality  requirements  and  interpretations  defined  in  the  CSSI, 
subsystems  must  also  meet  the  assurance  and  documentation  requirements.  The  Tigersafe 
failed  to  satisfy  the  assurance  and  doumentation  requirements,  and  therefore  receives  I&A/D 
and  Object  Reuse/D  ratings.  For  a  complete  description  of  how  the  Tigersafe  system  satisfies 
each  requirement  of  the  CSSI,  see  Final  Evaluation  Report,  ALC  Tigersafe  (Report  No  CSC- 
EPL-90/005). 
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Serial  No. 


CSC-EPL-90/006 


EVALUATED  PRODUCT:  Eyedentify  Information  Security  System  (EIS) 

VENDOR:  Eyedentify  Incorporated 

VERSIONS:  Remote  System  REV.  05-25-90 

EVALUATION  DATE:  24  September  1990 

OVERALL  EVALUATION  CLASS:  I  &  A  /  D1 


PRODUCT  DESCRIPTION 

The  Eyedentify  Information  Security  (EIS)  System  is  an  authentication  mechanisrn  for  use 
with  computer  systems  that  either  lack  a  user  authentication  capability  or  require  addi¬ 
tional  authentication  assurance.  The  EIS  System  is  a  biometric  system  employing  retinal 
identification  technology  to  quickly  and  easily  verify  a  person’s  identity.  ^  Before  using  the 
EIS  System  for  identification  and  authentication,  users  must  have  an  eye  signature  reference 
template  created  and  stored  on  the  host  computer.  This  is  done  by  taking  a  series  of  eye 
readings  and  storing  them  as  a  40-byte  eye  signature. 

After  users  are  enrolled,  the  EIS  System  is  used  to  verify  a  person  s  identity.  This  is  done 
by  entering  a  unique  personal  identification  number  (PIN)  via  a  keyboard  and  submitting  to 
an  eye  scan  at  the  EIS  System.  The  reading  is  compared  with  the  eye  signature  associated 
with  that  PIN.  If  there  is  a  match,  the  user  has  been  identified  and  authenticated. 

It  is  the  responsibility  of  the  customer  to  protect  the  host  database  where  eye  signatures  are 
stored  and  to  provide  the  software  necessary  for  communication  between  the  host  and  EIS 
System. 

EVALUATION  SUMMARY: 

The  National  Computer  Security  Center  (NCSC)  evaluated  the  security  protection  provided 
by  EIS  against  the  requirements  specified  by  the  Computer  Security  Subsystem  Interpretation 
of  the  DoD  Trusted  Computer  System  Evaluation  Criteria  (CSSI)  dated  September  1988. 

An  I&A  subsystem  requires  users  to  identify  themselves  to  it  before  they  do  anything  on 
the  system.  A  subsystem  rated  as  an  I&A/Dl  system  must  provide  a  unique  identifier  and 
authenticator  for  each  user.  Additionally,  it  must  use  those  items  to  control  access  to  the 
protected  system  and  to  export  user  identification  to  the  protected  system  (host). 
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The  NCSC  evaluation  team  has  determined  that  the  EIS  System,  when  configured  as  tested, 
does  effectively  implement  this  mechanism.  This  product  maintains  I&A  by  verifying  a  user’s 
identity.  The  EIS  System  satisfies  the  functional  requirement  for  I&A/Dl,  and  also  satisfies 
the  assurance  and  documentation  requirements.  Therefore,  the  EIS  System  receives  an  I&A 
D1  rating.  It  is  the  responsibility  of  the  customer  to  properly  integrate  the  EIS  System  with 
their  host  computer/system  to  ensure  unauthorized  access  is  not  allowed. 

For  a  complete  description  of  how  EIS  satisfies  the  I&A  requirement  of  the  CSSI,  see  Final 
Evaluation  Report,  Eyedentify  Incorporated  EIS,  (Report  No.  CSC-EPL-90/006) 
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Serial  No. 


CSC-EPL-90/007 


EVALUATED  PRODUCT:  WATCHDOG 

VENDOR:  Fischer  International  Systems  Corporation 

VERSION:  Watchdog  PC  Data  Security  version  5.2.2 

Watchdog  Armor  version  1.1.0 

EVALUATION  DATE:  28  September  1990 

OVERALL  EVALUATION  CLASS:  I&A  /  D2 

DAC  /  D 
AUD  /  D2 
OR  /  D 


PRODUCT  DESCRIPTION 

Watchdog  is  a  combination  of  two  products  provided  by  Fischer  International  Systems  Cor¬ 
poration.  Watchdog  PC  Data  Security  version  5.2.2  is  a  software  package,  while  Watchdog 
Armor  version  1.1.0  is  a  small  plug-in  hardware  board.  This  product  operates  on  a  IBM 
PC,  PC/XT,  or  PC/AT  microcomputer  with  640K  of  RAM  operating  under  MS-DOS  or  PC 
DOS  versions  2.0  or  higher. 

Watchdog  adds  Identification  and  Authentication  (I&A),  Discretionary  Access  Control  (DAC), 
Audit  (AUD),  and  Object  Reuse  (OR)  features  to  the  DOS  operating  system. 

EVALUATION  SUMMARY: 

The  National  Computer  Security  Center  (NCSC)  evaluated  the  security  protection  provided 
by  Watchdog  against  the  requirements  specified  by  the  Computer  Security  Subsystem  Inter¬ 
pretation  oi  the  DoD  Trusted  Computer  System  Evaluation  Criteria  (CSSI)  dated  September 
1988. 

An  I&A  subsystem  requires  users  to  identify  themselves  to  it  before  they  do  anything  on 
the  system.  A  subsystem  rated  as  an  I&;A/D2  system  must  provide  a  unique  identifier 
and  authenticator  for  each  user.  Additionally,  it  must  use  those  items  to  control  access  to 
the  protected  system,  export  user  identification  to  the  protected  system  (host),  and  must 
provide  an  auditing  mechanism  to  log  security  relevant  I&A  events.  Watchdog  does  provide 
individual  user  I&A  and  an  event  log  and  exports  user  identification  to  the  host.  Therefore 
Watchdog  has  received  an  I&;A/D2  rating. 

A  DAC  subsystem  provides  user-specified,  controlled  sharing  of  resources.  Security  policies 
establish  the  rules  which  determine  whether  access  can  be  granted.  Watchdog  meets  all  of 
these  requirements,  and  has  received  a  DAC/D2  rating. 
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An  auditing  subsystem  must  be  capable  of  recording  all  security  relevant  actions.  An  audit 
subsystem  with  D2  features  must  be  able  to  integrate  into  the  mechanisms  that  mediate 
access  and  perform  user  I&A.  It  must  always  be  invoked,  and  must  be  tamperproof.  Watch¬ 
dog  records  all  security  relevant  actions  and  interfaces  with  the  I&A  and  DAC  mechanisms. 
Therefore  Watchdog  has  received  an  AUD/D2  rating. 

Watchdog  overwrites  file  system  objects  upon  deallocation,  and  clears  memory  objects  at 
the  end  of  a  user’s  session  for  most,  but  not  all  memory  objects.  Since  Watchdog  fails  to 
clear  ALL  memory  objects,  it  does  not  satisfy  the  D2  requirement  for  Object  Reuse. 

For  a  complete  description  of  how  Watchdog  satisfies  each  requirement  of  the  CSSI,  see 
Final  Evaluation  Report,  Fischer  International  Systems  Corporation  Watchdog  Version  5.2.2 
(Report  No.  CSC-EPL-90/007) 
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Serial  No. 


CSC-EPL-91/001 


EVALUATED  PRODUCT:  LOCKIT  Professional  2.10 

VENDOR:  Security  Microsystems,  Inc. 

VERSION  :  LOCKIT  Professional  2.10 

EVALUATION  DATE:  March  27,  1991 

OVERALL  EVALUATION  CLASS:  I&A  /  D 

DAC  /  D 
AUD  /  D 
OR  /  D 


PRODUCT  DESCRIPTION 

LOCKIT  Professional  2.10  is  a  microcomputer  hardware  and  software  package  that  operates 
on  an  IBM  PC,  PC/XT,  PC/AT,  or  lOOcompatible  microcomputer  under  MS-DOS  or  PC- 
DOS.  The  product  is  a  combination  of  a  hardware  board  and  a  software  package  that  allows 
many  users  to  share  a  system,  one  at  a  time.  The  package  provides  a  friendly  user  interface, 
a  manual  for  the  System  Administrator,  and  a  User’s  manual. 

EVALUATION  SUMMARY: 

The  Trusted  Product  Evaluations  and  Network  Security  Evaluations  Division  of  the  National 
Security  Agency  (NSA)  has  evaluated  the  security  protection  provided  by  LOCKIT  Profes¬ 
sional  2.10.  The  security  features  for  Identification  and  Authentication,  Discretionary  Access 
Control,  Audit,  and  Object  Reuse  were  evaluated  against  the  Computer  Security  Subsystems 
Interpretation  (CSSI)  of  the  Trusted  Computer  Security  Evaluation  Criteria  (TCSEC). 

LOCKIT  Professional  2.10  is  a  subsystem  which  provides  Identification  and  Authentication, 
Discretionary  Access  Control,  Object  Reuse,  and  Auditing.  The  user  is  confined  within  a 
menu  driven  environment  which  must  not  be  exited  if  security  is  to  be  maintained.  Identi¬ 
fication  and  Authentication  is  accomplished  within  a  separate  domain  before  MS/PC-DOS 
is  brought  up. 

Discretionary  access  control  is  obtained  by  defining  a  limited  access  area  for  each  user  and  by 
providing  access  to  that  area  only  through  that  user’s  menu.  Object  reuse  functionality  for 
both  memory  resident  objects  and  disk  resident  objects  can  be  set  up  so  that  it  is  automati¬ 
cally  invoked.  Auditing  capabilities  are  very  limited.  There  are  limited  checks  to  determine 
if  any  part  of  LOCKIT  Professional  2.10  was  tampered  with.  LOCKIT  Professional  2.10 
receives  a  D  rating  in  auditing  because  it  does  not  meet  all  of  the  functional  requirements 
for  a  higher  rating. 
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In  addition  to  meeting  the  functionality  requirements  defined  in  the  CSSI,  subsystems  must 
also  meet  the  assurance  and  documentation  requirements.  LOCKIT  Professional  failed  to 
satisfy  the  assurance  and  documentation  requirements,  and  therefore  receives  a  composite 
rating  of  D  for  the  Identification  and  Authentication,  Object  Reuse,  and  Discretionary  Access 
Control  features.  For  a  complete  description  of  how  LOCKIT  Professional  satisfies  each 
requirement  of  the  CSSI,  see  Final  Evaluation  Report,  Security  Microsystems,  Inc.  Lockit 
Professional  {Report  No.  CSC-EPL-91/001). 
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Serial  No. 


CSC-EPL-91/002 


EVALUATED  PRODUCT:  COMPSEC-II 


VENDOR: 


American  Computer  Security  Industries,  Inc. 


VERSION: 


COMPSEC-II  USA  American  Version,  release  B3.1 


EVALUATION  DATE:  10  June  1991 

OVERALL  EVALUATION  CLASS:  I&A  /  D 

AUD  /  D 
DAC  /  D 
OR  /  D 


PRODUCT  DESCRIPTION 

COMPSEC-II  is  a  combined  hardware  and  software  based  product  for  use  in  microcomputers. 
The  hardware  base  of  COMPSEC-II  consists  of  a  hardware  card  that  is  inserted  in  an  IBM- 
PC,  IBM-XT,  IBM-AT,  386-based  machine,  or  a  1002.0  through  3.3.  The  software  portion 
of  the  product  is  installed  by  running  the  installation  utility  provided  with  the  system. 

COMPSEC-II  provides  System  Operator  utilities  to  customize  the  system  including  initial¬ 
izing  users  and  setting  passwords,  setting  user  access  to  the  hardware  resources  (hard  disk, 
external  disk  drive),  setting  user  access  to  files  and  directories,  configuring  the  audit  utility, 
and  activating  object  reuse.  Use  of  the  System  Operator  utilities  requires  an  additional 
identification  and  authentication  step. 

EVALUATION  SUMMARY: 

The  Trusted  Product  and  Network  Security  Evaluations  Division  of  the  National  Security 
Agency  (NS A)  has  evaluated  the  security  protection  provided  by  COMPSEC-II.  The  security 
features  for  Identification  and  Authentication,  Audit,  Discretionary  Access  Control,  and 
Object  Reuse  were  evaluated  against  the  requirements  specified  by  the  Computer  Security 
Subsystem  Interpretation  (CSSI)  of  the  DoD  Trusted  Computer  System  Evaluation  Criteria 
(TCSEC). 

An  I&A  subsystem  requires  users  to  identify  themselves  to  it  before  they  do  anything  on 
the  system.  A  subsystem  rated  as  an  I&A/D2  system  must  provide  a  unique  identifier 
and  authenticator  for  each  user  and  use  those  items  to  control  access  to  system  objects. 
Additionally,  the  subsystem  must  provide  for  audit  logging  of  security  relevant  I&A  events 
and  protect  the  authentication  data  so  that  it  cannot  be  accessed  by  any  unauthorized  user. 
COMPSEC-II  requires  individual  users  to  identify  themselves  and  authenticate  their  identity 
before  they  are  allowed  access  to  the  system. 
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COMPSEC-II  audits  the  occurrence  of  all  security  relevant  I&A  events.  However,  COMPSEC- 
II  fails  to  sufficiently  protect  the  authentication  data  from  unauthorized  access.  An  audit 
subsystem  must  be  capable  of  recording  all  security  relevant  actions  that  occur  on  the  sys¬ 
tem.  The  record  of  these  events  must  be  protected  from  modification  or  unauthorized  access 
or  destruction. 

COMPSECTI  fails  to  audit  the  security  relevant  actions  taken  by  the  system  administrator 
during  the  configuration  and  update  of  the  System  Operator  utilities  mentioned  above  in 
the  Product  Description.  Additionally,  COMPSEC-II  fails  to  sufficiently  protect  the  audit 
log  data  from  unauthorized  access. 

A  DAC/D2  subsystem  uses  the  identification  of  subjects  and  objects  to  determine  whether 
users  are  authorized  for  each  access  attempt.  The  DAC  subsystem  must  provide  the  capa¬ 
bility  for  users  to  specify  how  other  users  or  groups  may  access  the  objects  they  control. 
Audit  data  must  be  generated  that  records  access  mediation  events.  Propagation  of  access 
rights  must  be  limited  to  authorized  users.  The  DAC  mechanism  must  deny  access  to  an 
object  when  no  explicit  action  has  been  taken  to  allow  access.  If  COMPSEC-II  is  configured 
for  Master  Exclusion  Access  Control  as  described  in  the  vendor’s  operations  manual,  then 
COMPSEC-II  satisfies  the  functional  requirements  for  DAC  at  the  D2  level. 

An  0R/D2  subsystem  requires  that  all  authorizations  to  the  information  contained  within  a 
storage  object  shall  be  revoked  prior  to  assignment  or  allocation  to  a  subject.  COMPSEC-II 
overwrites  file  system  objects  upon  deallocation  and  clears  memory  objects  at  the  end  of  a 
user’s  session.  COMPSEC-II  satisfies  the  functional  requirements  for  OR  at  the  D2  level. 

In  addition  to  meeting  the  functional  requirements,  subsystems  must  also  meet  the  assurance 
and  documentation  requirements  of  the  CSSI.  COMPSEC-II  failed  to  satisfy  the  assurance 
and  documentation  requirements  and  therefore  receives  a  composite  rating  of  D  for  each  of 
the  four  features  that  were  evaluated.  For  a  complete  description  of  how  the  COMPSEC- 
II  system  satisfies  each  requirement  of  the  CSSI,  see  Final  Evaluation  Report,  American 
Computer  Security  Industries j  Inc.,  COMPSEC-II  (Report  CSC-EPL-91/004). 
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NETWORK  COMPONENT  EPL  ENTRIES 


Serial  No. 


CSC-EPL-90/001 


EVALUATED  PRODUCT:  VSLAN  5.0 

VENDOR:  Verdix  Corporation 

EVALUATION  DATE:  25  July  1990 

OVERALL  EVALUATION  CLASS:  B2  MDIA  Network  Component 


PRODUCT  DESCRIPTION: 

The  Verdix  Secure  Local  Area  Network  (VSLAN)  is  a  network  component  that  is  capable 
of  interconnecting  host  systems  operating  at  different  ranges  of  security  levels  allowing  a 
multi-level  secure  (MLS)  LAN  operation. 

The  VSLAN  is  not  intended  to  be  a  network  system.  It  can  be  used  to  build  and  sup¬ 
port  a  class  B2  network  system  when  included  in  the  proper  network  system  architecture. 
The  VSLAN  operates  at  the  physical  and  data-link  protocol  layers  of  the  Open  Systems  In¬ 
terconnection  (OSI)  reference  model,  independently  of  higher-layer,  host-to-host  protocols. 
Because  of  the  VSLAN’s  independence  of  these  upper  layer  protocols,  it  can  be  used  to 
integrate  a  variety  of  host  systems  ranging  from  DoD  internet  gateways  to  vendor-specific 
systems. 

The  VSLAN  consists  of  a  single  Network  Security  Center  (NSC)  and  up  to  128  Network 
Security  Devices  (NSDs)  interconnected  by  a  transmission  medium  (i.e.,  coaxial  cable).  The 
NSC  is  a  dedicated  computer  system  that  provides  a  centralized  management  facility.  The 
NSC  supports  separate  administrator  and  operator  roles.  It  provides  a  menu-driven  interface 
for  the  security  officer  (i.e.,  administrator  and/or  operator)  to  control  the  operation  of  the 
VSLAN  and  to  collect  and  store  audit  data. 

Each  NSD  operates  as  an  individual  node  of  the  VSLAN,  providing  a  trusted  network  inter¬ 
face  for  its  attached  host  that  provides  the  LAN  communications  (IEEE  802.3)  and  enforces 
the  VSLAN  security  policy  for  all  host-to-host  data  transfers.  Each  NSD  provides  a  system 
bus  interface  to  its  attached  host  and  acts  as  a  memory  device  on  its  host  bus.  In  order  to 
integrate  the  NSD  with  the  host  operating  system,  host-specific  software  is  needed  to  make 
use  of  the  trusted  network  interface  provided  by  the  NSD.  The  VSLAN  is  currently  capable 
of  supporting  the  following  system  bus  interfaces:  IEEE  P796  (Multibus- 1),  DEC  Q22,  IBM 
PC  XT  and  PC  AT,  IEEE  P1014/D1.2  (VME),  IEEE  1196  (NuBus),  and  the  AT&T  3B2. 

The  VSLAN  mediates  access  between  hosts  and  datagrams.  Its  security  policy  supports  both 
discretionary  and  mandatory  access  controls.  The  discretionary  access  control  (DAC)  policy 
allows  two  VSLAN  subjects  to  exchange  datagrams  only  if  the  security  officer  has  authorized 
communication  between  them.  The  mandatory  access  control  (MAC)  policy  mediates  access 
between  VSLAN  subjects  and  datagrams.  Each  datagram  must  have  associated  with  it  a 
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host-supplied  sensitivity  label  indicating  its  security  level.  The  VSLAN  provides  a  flexible  la¬ 
beling  scheme  that  supports  up  to  16  hierarchical  classification  levels  and  64  non-hierarchical 
categories. 

The  VSLAN  uses  the  Data  Encryption  Standard  (DES)  to  encrypt  all  data  transfers  across 
the  network.  It  uses  DES  primarily  as  a  data  integrity  mechanism,  instead  of  as  a  mecha¬ 
nism  to  enforce  the  VSLAN  security  policy.  The  class  B2  MDIA  evaluation  criteria  does  not 
require  the  evaluation  of  the  DES;  therefore,  neither  the  DES  algorithm  nor  the  VSLAN  im¬ 
plementation  of  the  DES  are  evaluated.  The  hardware  and  software  components  that  make 
up  the  VSLAN,  including  the  LAN  cable,  must  be  protected  to  the  highest  classification  of 
data  processed  by  the  VSLAN.  The  VSLAN  is  trusted  to  protect  information  at  two  hierar¬ 
chically  adjacent  security  classifications.  In  addition  to  application  environments  involving 
the  protection  of  classified  information,  the  VSLAN  could  be  used  to  protect  unclassified 
and  unclassified-but-sensitive  information,  which  may  include  financial,  proprietary,  private, 
and  mission-sensitive  data. 

EVALUATION  SUMMARY: 

The  security  protection  provided  by  the  VSLAN  has  been  evaluated  by  the  National  Com¬ 
puter  Security  Center  (NCSC)  against  the  requirements  specified  by  the  Trusted  Network 
Interpretation  of  the  Trusted  Computer  System  Evaluation  Criteria  (TNI),  31  July  1987, 
NCSC-TG-005,  Version  1. 

The  NCSC  evaluation  team  has  deterrhined  that  the  highest  class  for  which  the  VSLAN 
satisfies  all  the  specified  requirements  of  the  TNI  is  a  class  B2  MDIA  network  component. 
A  class  B2  MDIA  network  component  fulfills  all  the  requirements  as  stated  in  Appendix  A 
of  the  TNI  for  a  class  B2  Mandatory  Access  Control  component,  a  class  C2  Discretionary 
Access  Control  component,  a  class  C2  Identification  &  Authentication  component,  and  a 
class  C2  Audit  component.  The  VSLAN  covert  channel  analysis  is  applicable  only  to  the 
VSLAN  NTCB  partition.  While  it  is  possible  to  include  an  evaluated  network  M-component 
such  as  the  VSLAN  as  part  of  a  network  system  incorporating  other  M-components  (such  as 
multilevel  hosts),  this  may  introduce  new  covert  channels  or  penetration  scenarios  that  were 
not  evident  from  the  evaluation  of  either  component  by  itself.  A  complete  network  system 
must  always  be  evaluated  as  a  whole  to  ensure  that  the  components  together  enforce  the 
overall  policy. 

In  addition  to  the  network  component  rating,  the  NCSC  evaluation  team  has  determined  that 
the  VSLAN  satisfies  the  requirements  for  some  of  the  security  services  described  in  Part  II  of 
the  TNI.  The  services  which  are  offered  by  the  VSLAN  are  Authentication,  Communications 
Field  Integrity,  Continuity  of  Operations,  Protocol  Based  Protection  Mechanisms,  Network 
Management,  and  Data  Confidentiality. 
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The  Trusted  Computer  System  Evaluation  Summary  Chart  indicates  the  requirements  and 
corresponding  level  that  the  VSLAN  satisfies.  For  a  more  in  depth  description  of  VSLAN 
refer  to  the  Final  Evaluation  Report,  Verdix  Corporation,  VSLAN  (Report  No.  CSC-EPL- 
90/001). 
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Evaluation  of  Part  II  Requirements 


COMMUNICATIONS  INTEGRITY 


AUTHENTICATION 

** 

COMMUNICATIONS  FIELD  INTEGRITY 

functionality 

GOOD 

strength 

GOOD 

assurance 

GOOD 

NON-REPUDATION 

(not  offered) 

DENIAL  OF  SERVICE 

CONTINUITY  OF  OPERATIONS 

functionality 

MINIMUM 

strength 

MINIMUM 

assurance 

GOOD 

PROTOCOL-BASED  PROTECTION  MECHANISMS 

functionality 

FAIR 

strength 

GOOD 

assurance 

GOOD 

NETWORK  MANAGEMENT 

functionality 

PRESENT 

strength 

FAIR 

assurance 

GOOD 

COMPROMISE  PROTECTION 

DATA  CONFIDENTIALITY 

** 

TRAFFIC  FLOW  CONFIDENTIALITY  (not  offered) 

SELECTIVE  ROUTING 

(not  offered) 

**  The  Authentication  and  Data  Confidentiality  services  are  implicitly  present  for  communi¬ 
cations  among  the  NSDs  via  the  use  of  DES.  However,  their  evaluation  is  beyond  the  scope 
of  the  Trusted  Product  Evaluation  Program. 
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Serial  No. 


CSC-EPL-91/005 


EVALUATED  PRODUCT:  MLS  LAN 

Secure  Network  Server  System 

VENDOR:  Boeing  Aerospace 

EVALUATION  DATE:  2  July  1991 

OVERALL  EVALUATION  CLASS:  MI  Network  Component  -  A 

PRODUCT  DESCRIPTION: 

At  the  time  of  publication,  information  in  the  form  of  a  Completed  Evaluated  Product 
Listing  was  not  available.  A  completed  EPL  will  be  provided  as  soon  as  possible.  For 
the  current  information  pretaining  to  this  Evaluated  Product  please  refer  to  the  Product 
Bulletin,  CSC-EPL-88/003,  found  on  page  4-3a.l. 
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RAMP  EPL  ENTRIES 


Serial  No. 


CSC-EPL-86/004-01R 


RAMPED  PRODUCT: 

VERSIONS: 

VENDOR: 

EVALUATION  DATE: 

RATING  MAINTENANCE  DATE: 
OVERALL  EVALUATION  CLASS: 


VAX/ VMS  ^ 

Version  4.3,  with  September  Systems 
Dispatch  article  95.5.8,  V4  Security 
Update  and  accompanying  letter 

Digital  Equipment  Corporation 

30  July  1986 

9  May  1988 

C2 


PRODUCT  DESCRIPTION: 

VAX/VMS  (Virtual  Address  extension/ Virtual  Memory  System)  is  Digital  Equipment  Cor¬ 
poration’s  general-purpose  operating  system  that  runs  on  all  VAX  systems,  which  currently 
include  processors  ranging  from  the  VAX  11/725  to  the  VAX  8800.  VAX/VMS  software 
provides  an  environment  for  concurrent  execution  of  multi-user,  time-sharing,  batch,  and 
real-time  applications . 

The  VAX  architecture  provides  four  processor  access  modes  that  are  used  to  provide  read/write 
protection  between  user  software  and  system  software.  Memory  and  device  access  is  con¬ 
trolled  on  a  per-page  basis  by  processor  memory  management. 

VAX/ VMS  software  provides  privilege  and  protection  mechanisms  to  limit  user  access  to 
system- controlled  structures  in  physical  memory,  system-structured  files  and  volumes,  and 
some  devices.  User  accounts  are  maintained  in  a  User  Authorization  File  (UAF)  by  a  system 
manager.  Each  account  has  a  user  name  and  encrypted  password  for  identification  and 
authentication  of  the  user,  and  the  privileges  available  to  the  user. 

Each  account  contains  a  User  Identification  Code  (UIC)  which  is  compared  with  user- 
specified  file  and  device  access  control  lists  to  provide  discretionary  access  controls.  Access 
control  lists  may  also  trigger  real-time  security  alarms  by  access  and/or  access  attempts. 
Messages  are  sent  to  any  terminal  designated  as  a  security  terminal  and  are  also  stored  in  a 
log  file  to  provide  an  audit  trail  of  user  access  activities. 


^VAX  and  VMS  are  trademarks  of  Digital  Equipment  Corporation. 
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EVALUATION  SUMMARY: 

The  security  protection  provided  by  VAX/VMS  Version  4.3  (with  September  Systems  Dis¬ 
patch  article  95.5.8,  V4  Security  Update  and  Accompanying  letter)  has  been  evaluated  by  the 
National  Computer  Security  Center  (NCSC)  under  the  provisions  of  the  Rating  Maintenance 
Program.  The  security  features  of  VAX/VMS  were  tested  against  the  requirements  speci¬ 
fied  by  the  Department  of  Defense  Trusted  Computer  System  Evaluation  Criteria,  dated  15 
August  1983  (the  Criteria).  The  evaluated  hardware  set  includes  the  following  stand-alone 
processors:  11/725,  11/730,  11/750,  11/751,  11/780,  11/782,  11/785,  8200,  8600,  and  8650 
as  well  as  Norden  Systems’  MIL  VAX  I  and  II. 


Trusted  Computer  System  Evaluation  Summary  Chart 


Security  Policy  Accountability  Assurance  Documentation 


I  I  Does  Not  Satisfy  the  Requirement  For  This  Class 

m  No  Requirements  For  This  Class 

fei’J  No  Additional  Requirements  For  This  Class 

[H  Meets  or  Exceeds  the  Requirements  For  This  Ciass 

Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  infer  any  assurance  above  this  level. 


System  Name: 

Digital  Equipment  Corporation 
VAX/VMS  Version  4.3 


Evaluation  Date:  30  July  1986 


The  NCSC  evaluation  team  has  determined  that  the  highest  class  at  which  VAX/VMS  Ver¬ 
sion  4.3  (with  September  Systems  Dispatch  article  95.5.8,  V4  Security  Update  and  accom¬ 
panying  letter)  satisfies  all  the  specified  requirements  of  the  Criteria  is  class  C2,  Controlled 
Access  Protection. 
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In  addition,  VAX/VMS  satisfies  the  class  B2  trusted  path  requirement.  The  figure  on  the 
previous  page  indicates  the  requirements  and  corresponding  level  that  VAX/VMS  Version 
4.3  (with  September  Systems  Dispatch  article  95.5.8,  V4  Security  Update  and  accompanying 
letter)  satisfies. 

The  class  C2  rating  assigned  to  VAX/VMS  Version  4.3  (with  September  Systems  Dispatch 
article  95.5.8,  V4  Security  Update  and  accompanying  letter)  is  the  highest  level  of  the  Criteria 
at  which  the  system  satisfies  all  the  specified  requirements.  For  a  complete  description  of  how 
VAX/ VMS  satisfies  each  requirement  of  the  Criteria,  see  Final  Evaluation  Report,  Digital 
Equipment  Corporation,  VAX/VMS  Version  4-3  (Report  No.  CSC-EPL-86/004). 
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Serial  No.  CSC-EPL-90/003 

System  V/MLS  Release  1.2.0  and 
630/MLS  Release  1.2.0  running  with  UNIX 
System  V  Release  3.1.1  on  the  AT&T 
3B2/500  and  AT&T  3B2/600  minicomputers 
and  the  AT&T630  MTGterminal.  System  V/MLS 
version  1.2.0  running  with  UNIX  System  V 
Release  3.1.1  on  the  AT&T  3B2/500  or 
AT&T  3B2/600  minicomputers. 

System  V/MLS  version  1.1.2  running  with 
UNIX  System  V  Release  3.1.1  on  the  AT&T 
3B2/500  or  AT&T  3B2/600  minicomputers. 

American  Telephone  and  Telegraph  Co. (AT&T) 

28  September  1990 

B1 


EVALUATION  SUMMARY: 

AT&T  has  maintained  the  B1  rating  of  its  System  V/MLS  product,  through  participation  in 
RAMP.  For  more  information  on  this  evaluation  process  and  System  V/MLS  Release  1.2.0, 
see  the  new  Final  Evaluation  Report  Addendum  addressing  System  V/MLS  Release  1.2.0. 

PRODUCT  DESCRIPTION 

AT&T’s  System  V/MLS  Release  1.2.0  running  with  UNIX  ^  System  V  Release  3.1.1  (here¬ 
after  referred  to  as  System  V/MLS)  is  a  multi-level  secure  version  of  the  UNIX  System  V 
operating  system  for  the  AT&T  3B2/500  and  AT&T  3B2/600  minicomputers  (both  utilizing 
the  WE32100  microprocessor  and  the  WE32101  memory  management  unit).  System  V /MLS 
is  a  multi-user,  multi-tasking  operating  system  that  can  support  up  to  48  concurrent  users 
on  a  3B2/500  and  up  to  64  concurrent  users  on  a  3B2/600. 

System  V/MLS  maintains  UNIX  System  V  application  compatibility,  is  compatible  with  the 
System  V  Interface  Definition  (SVID),  passes  the  System  V  Verification  Suite  (SVVS),  and 
is  source  and  binary  code  compatible  with  existing  programs,  provided  those  programs  do 
not  require  modifications  to  the  System/V  MLS  Trusted  Computing  Base  (TCB)  or  violate 
the  system  security  policy. 


RAMPED  PRODUCT: 


ORIGINAL  PRODUCT: 

VENDOR: 

RATING  MAINTENANCE  DATE: 
OVERALL  EVALUATION  CLASS: 


^  UNIX  is  a  registered  trademark  of  AT&T 
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In  addition  to  using  the  traditional  protection  mechanism  of  the  UNIX  operating  system  to 
provide  discretionary  access  control,  System  V/MLS  also  provides  mandatory  access  control 
to  limit  the  distribution  of  information  to  only  those  users  who  have  been  authorized  for  it. 

The  mandatory  security  policy  is  consistent  with  the  Bell-La  Padula  model  and  conforms 
with  DoD  policy.  System  V/MLS  provides  a  flexible  labeling  scheme  that  supports  up  to 
255  site  selectable  hierarchical  classification  levels  and  1024  nonhierarchical  categories.  The 
administrator  has  the  capability  to  restrict  users  and  login  ports  to  selectable  classifica¬ 
tion  ranges.  A  multi-level  mail  capability  allows  users  to  communicate  with  each  other  at 
classifications  defined  by  the  administrator. 

System  V/MLS  enforces  a  security  policy  that  prevents  both  unauthorized  declassification  of 
information  and  unauthorized  modification  of  trusted  code.  The  mandatory  access  controls 
are  implemented  in  a  manner  analogous  to  the  traditional  UNIX  commands  for  discretionary 
access  control.  Other  commands  have  been  added  to  allow  users  to  create  discretionary 
groups  on  the  system.  Furthermore,  users  can  change  levels  without  having  to  log  out.  A 
random  password  generator  implements  the  algorithms  recommended  in  the  DoD  Password 
Management  Guideline^  CSC-STD-002-85. 

Audit  trail  records  are  generated  for  security- relevant  events  and  can  be  analyzed  by  an 
administrator  using  an  audit  trail  formatter.  A  trusted  path  is  provided  at  login  time  to 
ensure  that  users  are  communicating  with  the  TCB.  The  630  Multi-Tasking  Graphics  intel¬ 
ligent  terminal  (630  MTG),  a  high-resolution,  multi- window  graphics  terminal,  can  provide 
the  user  with  up  to  seven  windows  on  each  of  two  System  V/MLS  hosts.  The  security  label 
of  the  contents  of  each  window  is  independent  of  the  labels  of  other  windows.  A  ’’cut  and 
paste”  capability  allows  the  user  to  simultaneously  edit  files  at  different  security  levels  within 
the  constraints  of  the  enforced  security  policy.System  V/MLS  also  provides  some  features 
beyond  those  required  for  a  class  B1  system.  These  include  B2  trusted  path,  B2  subject 
sensitivity  labels,  and  B2  device  labeling.  This  product  participates  in  the  NS  A  Rating 
Maintenance  Phase  (RAMP). 

ENHANCEMENTS: 

This  RAMP  action  introduces  the  following  improved  functionality  and  enhancements:  The 
audit  subsystem  now  includes  eight  additional  User  Level  Interface  channels.  These  channels 
can  be  opened  by  more  than  one  process  at  a  time.  The  630MTG  now  supports  two  hosts  of 
equal  accreditation  ranges  simultaneously,  providing  separation  between  the  hosts. Utilizing 
the  630  MTG  windowing  features,  an  enhanced  trusted  path  mechanism  is  built  into  security 
relevant  commands.  This  mechanism  involves  displaying  a  separate,  uniquely  distinguishable 
trusted  path  window  for  secure  communication  between  the  user  and  the  TCB.  The  window¬ 
ing  features  are  also  used  in  the  new  user  interface  for  selecting  the  subject  sensitivity  level 
for  each  newly  created  window.  Additionally,  declassification  via  the  ’’cut  and  paste  option 
has  been  added  to  the  630MTG  including  confirmation  and  enhanced  auditing,  optionally 
including  the  declassified  text. 
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Trusted  Computer  System  Evaluation  Summary  Chart 


Does  Not  Satisfy  the  Requirement  For  This  Class 
No  Requirements  For  This  Class 
No  Additional  Requirements  For  This  Class 

Meets  or  Exceeds  the  Requirements  For  This  Class 

Credit  given  above  the  overall  rating  recongnizes 
mechanisms  implemented  beyond  those  strictly  required 
within  the  assigned  rating  class.  Security  testing  was  not 
conducted  above  the  rated  level,  and  the  reader  should 
not  Infer  any  assurance  above  this  level. 


For  a  complete  description  of  how  AT&T  System  V/MLS  satisfies  each  requirement  of  the 
Criteria,  see  Final  Evaluation  Report,  American  Telephone  and  Telegraph  Corporation,  Sys¬ 
tem  V/MLS  Release  1.2.0  (Report  No.  CSC-EPL-90/003). 
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Serial  No. 


CSC-EPL-89/004.A 


RAMPED  PRODUCT: 


Unisys  OS  1100/2200 
Release  SB3R6 


ORIGINAL  PRODUCT: 

VENDOR: 

RATING  MAINTENANCE  DATE: 
OVERALL  EVALUATION  CLASS: 


Unisys  OS  1100 
Security  Release  I 

Unisys  Corporation 

5  April  1991 

B1 


EVALUATION  SUMMARY: 

Unisys  Corporation  has  maintained  the  B1  rating  of  its  OS  1100/2200  Release  SB3R6  prod¬ 
uct,  through  participation  in  RAMP.  For  more  information  on  this  evaluation  process  and 
OS  1100/2200  SB3R6  see  the  new  Final  Evaluation  Report  SB3R6.  OS  1100/2200  Release 
SB3R6  continues  to  provide  these  features  beyond  those  required  for  a  class  B1  system:  B2 
trusted  path,  B3  DAC  for  groups,  and  B2  trusted  facility  maintenance. 

PRODUCT  DESCRIPTION: 

OS  1100/2200  Release  SB3R6  is  a  general  purpose,  multi-processing  operating  system  run¬ 
ning  on  Unisys  1100/90,  System  11,  and  2200/200  hardware.  These  models  share  a  common 
architecture  which  employs  a  multi-state  protection  mechanism  along  with  hardware  memory 
protection.  OS  1100/2200  is  structured  to  take  advantage  of  these  features.  For  example, 
it  supports  multiple  processes  (activities),  each  running  with  a  private  virtual  address  space 
and  capable  of  sharing  protected  subsystems  (common  memory  banks). 

OS  1100/2200  Release  SB3R6  supports  batch,  time-sharing  (demand),  and  transaction  pro¬ 
cessing  (TIP)  modes.  The  trusted  computing  base  (TCB)  of  OS  1100/2200  Release  SB3R6 
consists  of  specific  releases  of  the  following  components:  Executive,  CMSllOO,  TELCON, 
COMUS,  FAS,  IRU,  UDS,  MOB,  PERCON,  SIMAN,  SSP,  TLABEL,  and  DPREPllOO. 
Communications  are  provided  by  Distributed  Communications  Processors  (DCP)  and  In¬ 
tegrated  Communication  Processors  (ICP)  operating  as  front  end  processors  under  control 
to  CMS  1100  and  TELCON.  The  OS  1100/2200  Executive  is  the  base  component  and  a 
prerequisite  for  the  other  components.  The  TCB  enforces  a  mandatory  and  discretionary 
security  policy,  performs  user  identification  and  authentication,  clears  residue,  generates  au¬ 
dit  trail  and  accounting  records,  and  provides  a  base  upon  which  to  build  secure  application 
programs. 


4-3f.7 


OS  1100/2200  Release  SB3R6  provides  isolation  of  the  OS  1100/2200  Executive  through  the 
use  of  hardware  protection  mechanisms.  Access  to  OS  1100  subsystems  (shared  memory 
banks)  is  protected  with  controlled  access  to  entry  points  (gates).  If  access  is  permitted 
to  the  entry  point,  the  system  switches  the  security  attributes  of  the  process  (activity)  to 
those  specified  for  the  subsystem.  Activity  isolation  is  achieved  by  using  a  hardware  and 
software  architecture  which  includes  a  per-activity  virtual  address  space,  per-activity  stacks, 
and  architecturally  defined  activity  state  changes. 

OS  1100/2200  Release  SB3R6  provides  a  mandatory  access  control  policy  consistent  with 
the  Bell-LaPaduala  model.  Mandatory  access  control  is  based  on  labeling  which  supports  up 
to  64  hierarchical  levels  and  30  categories.  An  administrator  can  attach  symbolic  names  to 
each  level  and  each  category.  Additionally,  each  category  may  be  securely  re-defined  by  an 
administrator.  OS  1100/2200  requires  that  all  subjects  and  objects  have  a  mandatory  label 
and  ensures  that  all  accesses  to  objects  conform  to  the  security  policy. 

Discretionary  access  control  provided  by  OS  1100/2200  Release  SB3R6  is  based  on  access 
lists  which  may  be  private  (default),  public,  or  semi-private  (access  control  record  attached). 
Access  control  records  specify  by  whom,  when,  and  how  the  object  may  be  accessed.  OS 
1100/2200  not  only  provides  discretionary  access  controls  available  for  individual  users,  access 
may  be  controlled  at  a  group  level  as  well. 

OS  1100/2200  Release  SB3R6  provides  clearing  of  residue  (object  reuse)  in  registers,  main 
storage,  and  mass  storage. 

Identification  and  authentication  of  batch,  demand,  and  TIP  users  is  accomplished  by  pre¬ 
senting  a  userid  and  password  to  the  TCB’s  login  facility.  Identification  and  authentication 
information  is  stored  in  a  protected  database  in  the  OS  1100/2200  file  system. 

OS  1100/2200  Release  SB3R6  provides  an  auditing  facility  to  ensure  user  accountability. 
All  security-relevant  events  are  always  audited,  not  just  auditable.  This  facility  includes 
collection,  reduction,  backup,  and  audit  data  recovery  capabilities.  The  Log  Analyzer  (LA) 
provides  audit  reduction  capabilities  including  security  reports,  actions  of  individual  users, 
and  references  to  specific  objects  or  object  security  levels. 

OS  1100/2200  also  provides  the  ability  to  restrict  user  privileges  to  those  required  to  perform 
their  duties.  All  users  (including  operators  and  administrators)  are  subject  to  this  mecha¬ 
nism.  The  system  supports  a  Security  Administrator  role.  This  administrator  is  responsible 
for  the  overall  security  of  the  system.  Sub-administrators  can  also  be  defined  to  the  system. 
System  operators  and  administrators  are  trusted 'individuals  and  their  interactions  with  the 
system  are  audited. 

OS  1100/2200  Release  SB3R6  also  provides  some  features  beyond  those  required  for  a  class 
B1  system.  These  include  B2  trusted  path,  B3  DAC  for  groups,  and  B2  trusted  facility 
management. 
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PRODUCT  ENHANCEMENTS: 

OS  1100/2200  Release  SB3R6  contains  no  changes  to  the  security  policy,  features  or  mech¬ 
anisms  provided  by  the  originally  evaluated  product.  This  release  is  a  maintenance  release, 
and  as  such,  contains  maintenance  fixes,  performance  enhancements  and  non-security  rele¬ 
vant  features. 

For  a  complete  description  of  how  Unisys  OS  1100/2200  satisfies  each  requirement  of  the 
Criteria,  see  Final  Evaluation  Report,  Unisys  Corportation,  OS  1100  (Report  No.  CSC- 
EPL-89/004)  and  Final  Evaluation  Report  Addendum,  Unisys  Corporation,  OS  1100/2200 
Release  SB3R6  (Report  No.  CSC-EPL-89/004.A). 
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Serial  No. 


CSC-EPL-90/004.A 


RAMPED  PRODUCT: 

ORIGINAL  PRODUCT: 

VENDOR: 

RATING  MAINTENANCE  DATE: 
OVERALL  EVALUATION  CLASS: 


SVS/OS  CAP  1.01 
SVS/OS  CAP  1.00 
Wang  Laboratories,  Inc. 
16  September  1991 
C2 


EVALUATION  SUMMARY: 

Wang  Laboratories,  Inc.  has  maintained  the  C2  rating  of  its  Virtual  Operating  System 
with  Controlled  Access  Protection,  through  participating  in  RAMP.  VS/OS  CAP  1.01  is  a 
maintenance  release  of  VS/OS  CAP  1.0  which  was  formally  evaluated  at  C2.  There  have 
been  no  intervening  product  releases.  The  changes  in  VS/OS  CAP  1.01  have  been  designed 
and  analyzed  in  accordance  with  National  Security  Agency’s  Ratings  Maintenance  Program. 

PRODUCT  DESCRIPTION: 

Wang’s  Secure  Virtual  Storage  Operating  System  with  Controlled  Access  Protection,  SVS/ OS 
CAP  1.01,  runs  on  the  Wang  VS  Product  Family,  a  series  of  32-bit  super-minicomputers  with 
a  virtual  memory  system  that  can  support  from  512KB  to  32MB  of  addressable  physical 
storage.  SVS/OS  CAP  1.01  consists  of  the  VS  Operating  System,  release  7.33.36  Enhanced 
Security  Access  Controls  (ESAC),  and  I/O  Device  Support  Package  Version  5.0. 

SVS/OS  CAP  1.01  is  a  general-purpose  time-sharing  system  which  supports  identification 
and  authentication  of  users,  discretionary  access  controls,  object  reuse  protection,  and  au¬ 
diting. 

SVS/OS  CAP  1.01  provides  isolation  of  the  TCB  from  users.  Process  isolation  is  imple¬ 
mented  through  the  use  of  individual  process  virtual  address  spaces  and  hardware  memory 
protection  mechanisms. 

User  accounts  are  maintained  in  a  protected  system  file  by  the  System  Administrator.  Each 
account  has  a  logon  ID  and  a  password.  SVS/OS  CAP  1.01  also  provides  optional  password 
control  capabilities  which  include  system  generated  passwords;  password  expiration;  limiting 
of  invalid  logon  attempts;  locking  of  unused  logon  IDs;  restricting  logons  for  a  logon  ID  by 
time  and  date;  enforcing  minimum  password  length;  maintaining  a  password  history  to 
prevent  their  reuse;  and  password  encryption. 
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Discretionary  access  controls  (DAC)  on  files  consist  of  access  control  lists  and  file  protection 
classes  which  use  hierarchical  access  levels  (Write,  Read,  Execute,  and  Null).  The  access 
control  lists  can  allow  access  by,  or  deny  access  to,  individuals  or  groups  of  individuals. 

SVS/OS  CAP  1.01  provides  auditability  of  all  security-relevant  events.  The  SA  can  select 
events  to  be  audited,  create  log  files,  and  specify  log  file  sizes.  The  selectivity  of  events  is 
based  on  three  categories:  system,  file,  and  user.  System  events  are  the  events  auditable  for 
every  file  and  user  on  the  system.  File  events  are  the  auditable  events  related  to  a  particular 
file,  or  set  of  files,  and  user  events  are  the  events  auditable  for  a  given  user  ID  or  set  of  user 
ID,  including  operators.  The  SA  is  able  to  select  events  to  be  audited  through  a  menu  driven 
interface.  SVS/OS  CAP  1.01  allows  the  SA  to  produce  reports  based  upon  the  audit  data. 
These  reports  are  easy  to  read  and  interpret. 

For  a  complete  description  of  how  Wang  SVS/OS  CAP  1.01  satisfies  each  requirement  of  the 
Criteria,  see  Final  Evaluation  Report,  Wang  Corportation,  SVS/OS  CAP  1.00  (Report  No. 
CSC-EPL-90/004)  and  Final  Evaluation  Report  Addendum,  Wang  Corporation,  SVS/OS 
CAP  1.01  (Report  No.  CSC-EPL-90/004.A). 
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PUBLICATIONS  ISSUED  BY  THE  STANDARDS, 
CRITERIA  AND  GUIDELINES  DIVISION 
As  of  5  December  1991 


PUBLICATIONS  ISSUED  BY 

THE  STANDARDS,  CRITERIA  AND  GUIDELINES  DIVISION 

1.  Department  of  Defense  Trusted  Computer  System  Evaluation  Criteria  26  December  1985, 
DOD  5200.28-STD  (Supersedes  CSC-STD-001-83,  dtd  15  Aug  83  ). 

2.  Department  of  Defense  Password  Management  Guideline  12  April  1985,  CSC-STD-002-85. 

3.  Computer  Security  Requirements  -  -  Guidance  for  Applying  the  Department  of  Defense 
Trusted  Computer  System  Evaluation  Criteria  in  Specific  Environments  25  June  1985,  CSC- 
STD-003-85. 

4.  Technical  Rationale  Behind  CSC-STD-003-85;  Computer  Security  Requirements  -  -  Guid¬ 
ance  for  Applying  the  Department  of  Defense  Trusted  Computer  System  Evaluation  Criteria 
in  Specific  Environments  25  June  1985,  CSC-STD-004-85. 

5.  Department  of  Defense  Magnetic  Remanence  Security  Guideline  15  November  1985,  CSC- 
STD-005-85. 

6.  Advisory  Memorandum  on  Office  Automation  Security  Guideline  16  January  1987,  NTIS- 
SAM  COMPUSEC/1-87  (Supersedes  NCSC-WA-002-85). 

7.  Trusted  Network  Interpretation  of  the  Trusted  Computer  System  Evaluation  Criteria  31 
July  1987,  NCSC-TG-005,  Version  1. 

8.  A  Guide  To  Understanding  Discretionary  Access  Control  In  Trusted  Systems  30  Septem¬ 
ber  1987,  NCSC-TG-003,  Version  1. 

9.  A  Guide  To  Understanding  Configuration  Management  In  Trusted  Systems  28  March 
1988,  NCSC-TG-006,  Version  1. 

10.  A  Guide  to  Understanding  Audit  in  Trusted  Systems  1  June  1988,  NCSC-TG-001, 
Version  2. 

11.  Computer  Security  Subsystem  Interpretation  of  the  Trusted  Computer  System  Evalua¬ 
tion  Criteria  16  September  1988,  NCSC-TG-009,  Version  1. 

12.  A  Guide  To  Understanding  Design  Documentation  In  Trusted  Systems  6  October  1988, 
NCSC-TG-007,  Version  1. 

13.  Glossary  of  Computer  Security  Terms  21  October  1988,  NCSC-TG-004,  Version  1  ( 
NCSC-WA-001-85  is  obsolete). 

14.  A  Guide  To  Understanding  Trusted  Distribution  In  Trusted  Systems  15  December  1988, 
NCSC-TG-008,  Version  1. 

15.  Guidelines  for  Formal  Verfication  Systems  1  April  1989,  NCSC-TG-014,  Version  1. 

16.  Rating  Maintenance  Phase  -  Program  Document  23  June  1989,  NCSC-TG-013,  Version 

1. 

17.  Trusted  UNIX  Working  Group  (TRUSIX)  Rationale  for  Selecting  Access  Control  List 
Features  for  the  UNIX  System  7  July  1989,  NCSC-TG-020-A,  Version  1. 
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18.  Trusted  Product  Evaluation  Questionnaire  16  October  1989,  NCSC-TG-019,  Version  1. 

19.  A  Guide  to  Understanding  Trusted  Facility  Management  18  October  1989,  NCSC-TG- 
015,  Version  1. 

20.  Computer  Viruses:  Prevention,  Detection,  and  Treatment  12  March  1990,  Cl-Technical 
Report-001. 

21.  Trusted  Product  Evaluations  :  A  Guide  For  Vendors  29  April  1990,  NCSC-TG-002, 
Version  1. 

22.  Trusted  Network  Interpretation  Environments  Guideline  —  Guidance  for  applying  the 
Trusted  Network  Interpritation  1  August  1990,  NCSC-TG-011,  Version  1. 

23.  Trusted  Database  Management  System  Interpretation  of  the  Trusted  Computer  System 
Evaluation  Criteria  April  1991,  NCSC-TG-021,  Version  1. 

Single  copies  of  the  above  documents  may  be  obtained  by  contacting  : 


DIRECTOR 

National  Computer  Security  Center 
ATTN:  X71 

Fort  George  G.  Meade,  MD 
20755-6000 


or  calling 

(410)  766-8729 
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ENDORSED  TOOLS  LIST 
As  of  5  December  1991 


INTRODUCTION 

The  primary  goal  of  the  National  Computer  Security  Center  (NCSC)  is  to  encourage  the 
widespread  availability  of  trusted  systems.  This  goal  is  realized,  in  large  measure,  through  the 
NCSC’s  Commercial  Product  Evaluation  Program.  This  program  focuses  on  the  technical 
evaluation  of  the  protection  capabilities  of  commercially  produced  and  supported  systems. 
The  standards  against  which  products  are  evaluated  are  the  Department  of  Defense  Trusted 
Computer  System  Evaluation  Criteria  (TCSEC),  the  Trusted  Network  Interpretation  of  the 
Trusted  Computer  System  Evaluation  Criteria  (TNI),  the  Computer  Security  Subsystem 
Interpretation  of  the  Trusted  Computer  System  Evaluation  Criteria  (CSSI),  and  the  Trusted 
Database  Management  System  Interpretation  of  the  Trusted  Computer  Evaluation  Criteria 
(TDI). 

The  TCSEC  and  TNI  classify  systems  into  seven  hierarchical  classes  based  on  features  and 
assurances  to  support  three  types  of  security  requirements  -  policy,  accountability,  and  as¬ 
surance.  One  of  the  assurance  requirements.  Design  Specification  and  Verification,  appears 
in  the  upper  classes  of  the  TCSEC  and  TNI.  The  highest  level  of  trust.  Verified  Design  or 
Al,  requires  that  a  Formal  Top  Level  Specification  of  the  design  be  maintained  and  shown, 
either  formally  or  informally,to  be  consistent  with  the  formal  security  policy  model  for  the 
system.  In  addition,  the  requirements  state  that  “This  verification  evidence  shall  be  con¬ 
sistent  with  that  provided  within  the  state-of-the-art  of  the  particular  Computer  Security 
Center-endorsed  formal  specification  and  verification  system  used.” 

PURPOSE 

The  purpose  of  the  Endorsed  Tools  List  (ETL)  is  to  inform  system  developers  which  formal 
specification  and  verification  tools  are  endorsed  by  the  NCSC  for  use  in  designing  candidate 
Al  systems  (that  is,  approved  for  use  in  satisfying  the  Al  Design  Specification  and  Verifi¬ 
cation  requirement).  The  ETL  specifies  the  current  version  of  each  verification  tool  that  is 
approved  by  the  NCSC. 

Additions  to  and  deletions  from  the  ETL  will  occur  as  the  need  arises,  as  determined  by  the 
NCSC.  A  compelling  reason  must  exist  to  justify  the  addition  of  a  verification  tool  onto  the 
ETL.  The  proposed  tool  will  have  to  offer  some  significant  capability  not  provided  by  the 
current  set  of  tools.  Addition  of  a  tool  onto  the  ETL  means  that  this  tool  may  be  named 
in  a  Verification  Tool  Memorandum  of  Agreement  (MO A)  between  the  NCSC  and  a  system 
developer.  The  MOA  should  specify  the  specific  tool  and  version  to  be  used  in  the  formal 
verification  process. 

Likewise,  profound  changes  in  circumstances  could  result  in  the  removal  of  a  verification 
tool  from  the  list  (e.g.,  discontinuance  of  support  from  the  tool  developer).  Removal  of  a 
tool  from  the  ETL  means  that  no  new  MOAs  between  the  NCSC  and  system  developers 
will  be  executed  specifying  that  particular  tool  as  the  vehicle  for  formal  specification  and 
verification. 

Formal  verification  is  a  young  technology.  The  tools  are  constantly  undergoing  enhancement 
and  correction.  Consequently,  the  version  of  a  tool  that  has  been  evaluated  by  the  NCSC 
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may  not  be  the  newest,  most  capable  version.  These  modified  versions  of  an  endorsed  tool 
are  known  as  ’’beta”  tool  versions.  Beta  tool  versions  may  undergo  evaluation  by  the  NCSC 
and,  if  the  evaluation  criteria  are  met,  are  declared  to  be  the  new  endorsed  version  of  the 
verification  system,  replacing  the  previously  endorsed  version. 

Trusted  system  developers  may  choose  to  use  a  beta  version  of  an  endorsed  tool.  However,  it 
must  be  realized  that  beta  versions  have  not  been  completely  evaluated  and  are  not  endorsed. 
Beta  versions  are  released  primarily  to  allow  the  verification  tool  developers  to  test  the  tool 
before  submitting  it  for  evaluation.  Thus,  beta  tool  users  incur  a  slight  risk.  When  entering 
a  formal  evaluation  with  the  NCSC,  specifications  and  proof  evidence  must  be  submitted 
which  can  be  completely  checked  without  significant  modification  using  either  the  currently 
endorsed  version  of  a  verification  tool  or  a  previously  endorsed  version  that  was  agreed  upon 
in  a  MOA.  Submitted  specifications  and  proof  evidence  which  are  not  compatible  with  the 
endorsed  or  agreed  upon  version  of  the  tool  may  require  substantial  modification  by  the 
system  developer. 

The  Guidelines  for  Formal  Verification  Systems  was  approved  in  April  1989  by  the  NCSC. 
The  products  on  the  ETL  were  evaluated  and  endorsed  prior  to  the  guideline’s  completion. 
These  products  were  evaluated  against  draft  versions  of  the  guideline.  The  outcome  of  the 
evaluation,  including  a  complete  analysis  of  the  verification  tool,  is  documented  in  a  Technical 
Assessment  Report  (TAR).  The  ETL  entry  is  intended  as  only  a  brief  summary  for  quick 
reference  and  therefore  should  not  be  used  as  the  sole  source  for  choosing  a  verification 
tool.  Combining  information  from  both  the  ETL  entry  and  the  TAR  is  vital  to  making  a 
well-informed  decision.  The  TARs  can  be  obtained  by  contacting  the  Office  of  Research  and 
Development  at  the  National  Computer  Security  Center  in  writing. 


DIRECTOR 

National  Computer  Security  Center 
ATTN:  R232,  TAR  request 
Fort  George  G.  Meade,  MD 
20755-6000 
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DEFINITIONS 

BETA  TOOL  VERSIONS  -  Beta  versions  are  intermediate  releases  of  a  product  to  be  tested 
at  one  or  more  customer  sites  by  the  software  end-user.  The  customer  describes  in  detail  any 
problems  encountered  during  testing  to  the  developer,  who  makes  the  appropriate  modifica¬ 
tions.  Beta  versions  are  not  endorsed  by  the  NCSC,  but  are  primarily  used  for  debugging 
and  testing  prior  to  submission  for  endorsement. 

ENDORSED  TOOLS  LIST  (ETL)  -  A  list  composed  of  those  verification  tools  currently 
recommended  by  the  NCSC  for  use  in  satisfying  the  Al  Design  Specification  and  Verification 
requirement  in  the  Trusted  Computer  System  Evaluation  Criteria  and  Trusted  Network 
Interpretation  of  the  Trusted  Computer  System  Evaluation  Criteria. 

GUIDELINES  FOR  FORMAL  VERIFICATION  SYSTEMS  -  NCSC-TG-OU  -  A  document 
that  provides  the  basis  for  determining  the  technical  merit  and  stability  of  formal  specification 
and  verification  tools.  The  criteria  provides  verification  system  evaluators  with  a  metric  with 
which  to  assess  the  breadth  of  a  verification  tool  and  provides  guidance  to  developers  on  the 
fundamental  requirements  of  candidate  endorsed  verification  tools. 

TRUSTED  COMPUTER  SYSTEM  EVALUATION  CRITERIA  (TCSEC) .  A  Department 
of  Defense  standard  (DoD  5200.28-STD)  that  was  published  in  December  1985  to  provide 
a  means  for  evaluating  specific  security  features  and  assurance  requirements  available  in 
’’trusted  commercially  available  automatic  data  processing  systems”.  The  rating  scale  in  the 
TCSEC  extends  from  one  that  represents  a  minimal  level  of  trust  to  one  for  ’’state  of  the 
art”  features  and  assurances. 

TRUSTED  NETWORK  INTERPRETATION  OF  THE  TCSEC  (TNI)  -  A  document,  pub¬ 
lished  in  July  1987,  that  provides  a  means  for  evaluating  specific  security  features  and  as¬ 
surance  requirements  as  well  as  additional  security  services  of  networks. 

VERIFICATION  TOOL  MEMORANDUM  OF  AGREEMENT  (MOA)  -  A  Memorandum 
of  Agreement  between  a  trusted  system  developer  and  the  NCSC  in  which  both  agree  on 
the  endorsed  verification  tool  and  version  to  be  employed  for  the  secure  system  development 
effort. 
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FORMAL  DEVELOPMENT  METHODOLOGY 


VENDOR:  UNISYS  Corporation 

VERSION  EVALUATED:  12.4 

EVALUATION  DATE:  15  January  1988 

PRODUCT  DESCRIPTION: 

The  Formal  Development  Methodology  consists  of  a  set  of  tools  and  languages,  as  follows: 

(1)  The  Ina  Jo  language,  for  writing  specifications  and  requirements. 

(2)  The  Inamod  language,  an  extension  of  the  Ina  Jo  language,  for  writing  assertions  about 
programs. 

(3)  The  Ina  Jo  Processor,  for  examining  specifications  and  files  of  completed  proofs.  The 
post-processor  eliminates  all  steps  not  actually  used  in  a  proof,  converts  the  contents  of  the 
file  from  the  ITP  internal  representation,  and  reformats  the  text. 

The  goal  of  FDM  is  to  design,  formally  specify  and  produce  verified  code  for  complete 
systems.  However,  some  of  the  software  tools  of  FDM  are  incomplete  at  this  time.  The  Ina 
Jo  and  Inamod  languages  are  considered  complete;  language  extensions  and  new  capabilities 
to  aid  the  user  are  occasionally  implemented.  In  addition,  the  Ina  Jo  language  processor, 
the  ITP,  and  the  ITP  post-processor  are  complete.  The  initial  VCG,  for  Modula,  and  Ina 
Flo  have  not  been  completed  and  were  not  part  of  the  evaluation  or  endorsement. 

FDM  has  been  used  extensively  on  over  a  half-dozen  significant  systems  for  DCA,  AFWL, 
RADC,  and  others.  Applications  include  Autodin  II,  the  Secure  Transaction  Processing  Ex¬ 
periment  (STPE),  a  Job  Stream  Separator  (JSS),  a  kernelized  IBM  VM  (KVM),  a  Computer 
Operating  System/Network  Front  End  (COS/NFE),  and  the  Secure  Release  Terminal.  FDM 
has  been  used  in  several  recent  A1  development  efforts,  including  Blacker. 

EVALUATION  SUMMARY: 

FDM  12.4  has  been  evaluated  by  the  National  Computer  Security  Center.  The  evaluation 
team  analyzed  the  changes  between  the  12.3  and  Beta  4  version  of  the  tool.  The  changes 
fell  into  the  following  categories:  syntax  changes,  bug  fixes,  new  features,  and  changes  to 
theorems.  In  addition  to  the  changes  that  were  identified  by  the  developer,  the  team  exam¬ 
ined  configuration  management  evidence,  source  code,  documentation,  and  existing  problems 
with  the  tool  that  were  identified  in  the  Verification  Assessment  and  Mitre  Reports. 

The  evaluation  was  not  exhaustive,  but  was  sufficient  to  determine  that  version  12.4  is  a 
distinct  improvement  over  version  12.3.  A  few  of  the  most  notable  enhancements  are  the 
increase  in  theorem  proving  capability,  the  addition  of  a  type  checking  facility,  and  improved 
error  reporting.  A  complete  discussion  of  the  changes  to  the  tool  can  be  found  in  the 
Technical  Assessment  Report. 
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GYPSY  VERIFICATION  ENVIRONMENT 


VENDOR;  Computational  Logic  Inc.  (CLING)  VERSION 

EVALUATED:  GVE  version  13.16  (Gypsy  dialect  2.05) 

EVALUATION  DATE:  July  1987 


PROJECT  DESCRIPTION: 

The  GVE  consists  of  a  set  of  tools  and  languages,  as  follows: 

(1)  The  Gypsy  language,  which  is  used  for  both  system  design  and  specification. 

(2)  The  Verification  Condition  Generator,  which  translates  specifications  into  problems  in 
first-order  logic. 

(3)  The  Gypsy  Theorem  Prover  (GTP),  for  determining  whether  first-order  logic  statements 
are  theorems. 

(4)  The  Gypsy  to  Bliss  translator,  which  converts  Gypsy  code  to  Bliss  code. 

(5)  The  Gypsy  to  Ada  translator,  which  converts  a  subset  of  the  present  Gypsy  language 
into  non-standard  Ada. 

(6)  The  DataBase  Manager,  which  is  used  to  track  the  status  of  various  scopes  and  theorems 
the  user  is  maintaining. 

(7)  The  Gypsy  language  parser,  for  determining  the  syntactic  and  semantic  validity  of  a 
design. 

(8)  An  interface  to  the  ZMACS  editor  for  ease  of  text  entry. 

(9)  A  program  optimizer  which  proves  the  validity  of  efficiency-based  decisions  in  compila¬ 
tion. 

The  Gypsy  Verification  Environment  (GVE)  is  designed  to  be  a  complete  verification  sys¬ 
tem  supporting  both  a  specification  language  and  a  programming  language.  The  goal  is  to 
formally  specify  and  verify  design  and  code  for  computer  systems  and  applications.  How¬ 
ever,  some  of  the  software  tools  of  the  GVE  are  incomplete.  The  Gypsy  to  Ada  translator 
currently  converts  a  subset  of  the  Gypsy  language  to  nonstandard  Ada.  The  dependency 
tracking  mechanism  of  the  GVE,  currently  does'nol  provide  complete  and  proper  tracking 
of  dependencies  between  specifications,  code,  proofs  and  lemmas. 

The  GVE  has  been  used  in  a  number  of  prior  efforts,  including  the  Secure  Communica¬ 
tions  Processor,  the  Encrypted  Packet  Interface,  and  is  presently  being  used  in  several  Al 
development  efforts. 


4-5.5 


EVALUATION  SUMMARY: 

The  Gypsy  Verification  Environment  version  13.16  using  Gypsy  dialect  2.05  has  been  evalu¬ 
ated  by  the  National  Computer  Security  Center  (NCSC)  against  the  requirements  specified 
by  the  Verification  System  Evaluation  Factors.  The  NCSC  has  determined  that  the  GVE 
satisfies  all  of  the  requirements  at  the  minimum  level.  However,  it  was  noted  that  there 
is  an  obvious  need  for  better  documentation  for  system  users,  especially  for  new  users.  In 
addition,  the  lack  of  a  formal  basis  and  formal  semantic  definition  is  a  serious  shortcoming 
that  needs  to  be  addressed  in  the  near  future.  While  the  GVE  is  not  without  weaknesses,  it 
has  received  acceptance  throughout  the  verification  community,  not  only  for  its  applicability 
and  convenient  approach,  but  also  for  its  unique  capabilities.  The  GVE  is  currently  the  only 
system  which  has  the  capability  to  handle  (limited)  concurrency  or  do  code  level  proofs. 


Verification  Evaluation  Factors 

1.  Specification  Language 

2.  Theorem  Prover 

3.  Implementation 

4.  Documentation 

5.  Features 

6.  Assurance  and  Soundness 

7.  User  Interface 

8.  Methodology 


For  a  complete  description  of  how  the  GVE  satisfies  each  of  the  evaluation  factors,  see 
Technical  Assessment  Report  for  GVE  13.16  using  Gypsy  2.05. 
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DOCKMASTER 


DOCKMASTER 


The  National  Computer  Security  Center’s  (NCSC’s)  unclassified  computer  system,  DOCK- 
MASTER,  was  established  in  1985  as  an  Information  Security  Showplace.  Located  just 
outside  of  Baltimore,  MD,  it  serves  as  the  focal  point  for  the  nationwide  dissemination  and 
exchange  of  Information  Security  data. 

Information  Security  data  is  provided  to  DOCKMASTER  customers  through  electronic  mail 
(which  provides  direct,  on-line,  person-to-person  distribution  of  text),  and  through  electronic 
Bulletin  Boards.  DOCKMASTER  also  provides  hands-on  exposure  to  versions  of  the  soft¬ 
ware  verification  tools  supported  by  the  Center  and  used  by  vendors  in  the  development  of 
highly  secure  computer  systems. 

At  present  there  are  over  3000  users  on  DOCKMASTER  utilizing  it’s  capabilities  to  the 
fullest.  These  users  retrieve  data,  such  as  available  training  courses,  upcoming  INFOSEC 
conferences,  and  the  Evaluated  Products  List.  The  user  family  encompasses  the  Department 
of  Defense,  other  federal  agencies,  contractors,  academia,  and  commercial  corporations  -  all 
concerned  with  Information  Security. 

DOCKMASTER  is  a  large-scale,  general-purpose,  multi-user  Honeywell  DPS870M  computer 
system.  The  NCSC  chose  this  computer  because  of  its  Multics  Operating  System,  which  has 
been  given  a  security  rating  of  B2  as  defined  by  the  Department  of  Defense  Trusted  Computer 
System  Evaluation  Criteria,  also  known  as  the  ’’Orange  Book”. 

The  Multics  operating  system  maintains  tight  access  control  on  all  system  files  and  pro¬ 
grams.  It  will  not  grant  a  user  access  to  any  data  on  the  system  unless  that  permission  has 
previously  been  established  by  the  proper  personnel,  based  on  a  valid  requirement  for  the 
data.  DOCKMASTER’s  user  identification  codes  and  passwords  form  an  important  com¬ 
ponent  of  its  security  architecture.  DOCKMASTER  users  also  play  a  vital  security  role  by 
protecting  their  assigned  account  ID  and  passwords,  thus  protecting  the  data  to  which  they 
have  access. 

The  NCSC  currently  provides,  free  of  charge  to  its  DOCKMASTER  users,  several  mecha¬ 
nisms  for  accessing  the  system.  They  include  MILNET,  TYMNET,  and  local  dial-in. 

MILNET  is  a  portion  of  the  nationwide  Defense  Data  Network  (DDN)  and  is  an  operational 
Defense  Department  network.  TYMNET  is  a  nation-wide,  value-added  network  used  for 
remote  access  into  DOCKMASTER.  Local  dial-in  provides  a  telephone  number  so  users  may 
dial  into  the  system  from  the  local  area. 

If  you  would  like  to  obtain  an  account  on  DOCKMASTER,  please  complete  the  following 
DOCKMASTER  Registration  Packet. 
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INSTRUCTIONS  FOR  COMPLETING  THIS  PACKET 


1.  Read  through  the  attached  Policy  portion  of  this  packet.  This  is  your  copy  to  retain  for 
future  reference. 

2.  Complete  the  entire  request  form. 

a.  The  Requester  Information  is  self  explanatory.  (User  types  can  be  determined  by  reading 
the  Policy). 

b.  The  Endorser  Information  is  completed  by  the  requester’s  supervisor. 

c.  Your  project  will  be  Catwalk  unless  your  NCSC  sponsor  informs  you  otherwise.  (Catwalk 
is  a  generic  project  which  allows  for  use  of  all  public  forums  on  the  system  and  for  use  of 
the  mail  system). 

d.  The  Intended  Use  of  the  Account  is  self  explanatory. 

e.  The  Estimated  Period  of  Use  is  self-explanatory. 

f.  The  Communications  Access  Requirement  is  self-explanatory.  (Tymnet  is  free  of  charge 
to  our  users) 

g.  Sign  the  requester’s  signature  line. 

h.  The  sponsor’s  signature  will  be  signed  by  an  NCSC  employee. 

3.  Sign  the  Memorandum  of  Agreement.  NO  ACCOUNT  WILL  BE  ISSUED  WITHOUT 
ONE!!! 

4.  If  you  are  NOT  applying  for  a  Catwalk  account,  also  sign  the  DOCKMASTER  Access 
Agreement.  Failure  to  do  so  will  delay  the  registration  process. 

5.  Return  the  appropriate  forms  to: 


DIRECTOR 

National  Computer  Security  Center 
ATTN:  C83,  Accounts  Administrator 
Fort  George  G.  Meade,  MD 
20755-6000 


OR 

DIRECTOR 

National  Computer  Security  Center 
ATTN:  The  name  of  your  sponsor 
Fort  George  G.  Meade,  MD 
20755-6000 
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POLICY 


Date:  July  1989 

NATIONAL  COMPUTER  SECURITY  CENTER  (NCSC)  POLICY: 

ESTABLISHING  NEW  USER  ACCOUNTS  ON  DOCKMASTER 

I.  DOCKMASTER  is  the  NCSC’s  UNCLASSIFIED  Computer  System  currently  serving  its 
user  community  in  support  of  the  Center’s  mission  to  further  computer  security.  DOCK- 
MASTER  provides  a  focal  point  for  interacting  and  exchanging  computer  security  related 
ideas  amongst  its  users.  It  is  not  an  intermediate  node  for  connecting  to  other  Network 
Hosts. 

II.  Definitions: 

a.  User  -  A  person  or  logical  entity,  such  as  a  Daemon,  who  is  registered  on  the  DOCKMAS¬ 
TER  system  and,id,  and  tag.  A  person  may  be  registered  on  more  than  one  project  (unless 
one  of  the  projects  is  Catwalk).  Thus,  one  person  can  be  two  different  users,  since  a  user  is 
identified  by  the  combination  of  his  userid,  project  Jd  and  tag. 

b.  CESSO  -  Computer  Equipment  Systems  Security  Officer.  The  CESSO  is  responsible 
for  all  security  related  concerns.  The  DOCKMASTER  CESSO  is  Cindy  Hash  who  may  be 
reached  on  1-800-336-DOCK. 

c.  System  Administrator  -  A  highly  privileged  user  who  maintains  system  data  bases  that 
control  when  and  by  whom  the  system  can  be  accessed.  The  system  administrator  has  access 
to  all  Multics  commands  and  has  the  ability  to  alter  any  operating  parameter  of  the  system 
and  make  emergency  repairs.  The  system  administrator  also  ensures  the  correct  use  of  the 
system  resources.  The  DOCKMASTER  system  administrators  are  Linda  Adkins,  Les  Gotch, 
Tony  Thibodeaux  and  Joe  Paradiso.  They  can  be  reached  on  1-800-336-DOCK. 

d.  Accounts  Administrator  -  A  special  class  of  system  administrator  who  has  limited  access 
to  register  users,  run  the  billing  software,  and  perform  accounting  functions  (e.g.,  monitors 
quota  assigned  to  projects).  The  accounts  administrators  are  Cindy  Hash  and  Dawn  Brown. 
They  can  also  be  reached  on  1-800-336-DOCK. 

e.  Project  -  A  set  of  users  grouped  together  for  accounting  and  access  control  purposes. 

f.  Project  Administrator  -  A  person  who  has  the  access  to  specify  the  spending  limits  and 
other  attributes  for  the  users  of  a  particular  project.  The  project  administrator  maintains 
the  project  master  file  (pmf).  If  the  duties  of  project  administrator  are  not  delegated  to  a 
project’s  administrator,  they  may  be  performed  by  an  accounting  or  system  administrator. 
All  DOCKMASTER  projects  will  be  delegated. 

g.  Projected  -  The  name  assigned  to  a  project.  The  name  must  be  from  one  to  nine 
characters,  and  must  begin  with  a  capital  letter  or  digit. 
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h.  Userid  -  A  unique  name  assigned  to  each  user  of  the  system.  It  is  usually  some  form  of 
the  user’s  name  (usually  his  surname).  The  name  must  be  from  one  to  twenty  characters, 
usually  begins  with  a  capital  letter,  and  may  not  contain  punctuation  characters.  A  password 
is  associated  with  the  userid.  The  userid  can  be  used  to  identify  a  person  on  several  projects. 

i.  NCSC  -  National  Computer  Security  Center.  The  mailing  address  is: 


DIRECTOR 

National  Computer  Security  Center 
Fort  George  G.  Meade,  MD 
20755-6000 


j.  Owner  Company  -  A  company  for  whom  a  Project  has  been  created. 

III.  Policy 

1.  The  HardwareSoftware  Division  is  the  Office  of  Primary  Interest  (OPI)  for  all  adminis¬ 
tration  and  use  of  DOCKMASTER  accounts. 

2.  The  HardwareSoftware  Division  is  responsible  for  the  establishment  of  new  user  accounts 
and  projects  on  DOCKMASTER  and  retains  final  approving  authority  for  all  accounts  and 
projects. 

3.  No  account  will  be  granted  without  a  signed  Memorandum  of  Agreement  on  file  with  the 
NCSC. 

4.  All  DOCKMASTER  users  must  be  a  United  States  citizen  or  an  alien  lawfully  admitted 
in  the  U.S.  for  permanent  residence. 

5.  All  DOCKMASTER  connections  must  be  made  within  the  continental  U.S. 

6.  The  NCSC  does  not  guarantee  anonymity  for  account  holders  on  DOCKMASTER.  In 
other  words,  we  will  not  guarantee  that  people  do  not  know  that  you  have  an  account  on 
DOCKMASTER. 

7.  Accounts  will  be  granted  based  on  the  availability  of  system  resources. 

8.  DOCKMASTER  will  be  used  for  UNCLASSIFIED  processing  only. 

9.  Any  detected  misuse  of  system  resources  (e.g.,  games,  profit)  or  circumvention  of  security 
mechanisms  will  result  in  the  deletion  of  the  user’s  account. 

10.  Unsuitable  language  on  DOCKMASTER  will  not  be  tolerated. 

11.  Any  opinions  expressed  by  National  Computer  Security  employees  can  not  be  interpreted 
as  official. 

12.  All  accounts  will  be  revalidated  twice  a  year.  If  a  user  has  not  used  his  account  for  six 
months,  the  account  will  be  deleted  without  notification.  To  re-establish  the  account,  a  new 
registration  packet  must  be  completed. 
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13.  Proprietary  access  for  users  will  be  given  only  with  the  concurrence  of  the  Project 
Administrator  for  the  project  containing  that  particular  type  of  proprietary  data.  Initial 
establishment  of  proprietary  data  on  the  system  MUST  have  the  approval  of  the  NCSC 
Office  of  Computer  Security  Evaluations,  Publications,  and  Support  so  that  the  appropriate 
mandatory  controls  can  be  implemented. 

14.  The  NCSC  is  not  obligated  to  give  communications  access  to  every  account  holder  (e.g.. 
Tymnet  access). 

15.  Users  wishing  dial-out  access  from  DOCKMASTER  must  submit  their  request  in  writing 
along  with  an  approval  signature  from  an  Office  Chief  within  the  NCSC.  This  request  should 
be  coordinated  with  the  project  administrator.  Each  request  will  be  evaluated  on  a  case  by 
case  basis  and  all  approved  requests  will  be  limited  in  the  duration  of  use. 

16.  The  NCSC  will  provide  all  new  account  holders  with  enough  documentation  to  use 
the  basic  services  of  DOCKMASTER.  The  NCSC  does  maintain  a  supply  of  various  other 
Multics  manuals  but  they  are  given  out  on  a  first  come  first  serve  basis.  Contact  the  Accounts 
Administrator  for  more  information  about  these  manuals.  Any  other  manuals  needed  must 
be  ordered  from  Honeywell  at  the  expense  of  the  user. 


Honeywell  Information  Systems  Inc. 
7900  Westpark  Drive 
McLean,  VA  22102 
ATTN:  Technical  Librarian 


17.  The  NCSC  reserves  the  right  to  change  or  modify  any  or  all  NCSC  provided  software 
at  any  time  without  prior  notice  to  the  user.  Where  possible,  users  will  be  notified  of 
incompatible  software  changes  well  in  advance. 

18.  New  user  accounts  will  be  installed  once  a  week. 

19.  Upon  installation  of  a  new  account,  the  new  user  will  be  notified  by  mail  of  his  userid 
and  password;  each  in  a  separate  envelope. 

20.  The  project  administrator  will  be  notified  to  install  the  new  user’s  userid  in  the  project 
master  file. 

21.  The  NCSC  is  not  required  to  assist  the  user  with  any  tasks  related  to  the  use  of  the 
software  nor  to  provide  the  user  with  any  training. 

22.  The  system  will  automatically  require  a  user  to  change  his  password  at  a  fixed  interval 
of  time.  Passwords  are  machine  generated. 

23.  The  third  consecutive  unsuccessful  login  attempt  will  be  automatically  reported  to  the 
CESSO.  The  user’s  process  will  be  dropped  and  the  user  will  have  to  establish  another 
connection. 
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24.  All  user  activity  is  subject  to  auditing  by  the  DOCKMASTER  system’s  audit  trails. 

25.  Any  knowledge  that  CLASSIFIED  data  has  been  introduced  to  DOCKMASTER  must 
be  reported  to  the  CESSO  immediately. 

26.  The  NCSC  will  maintain  a  trouble  reporting  mechanism  for  user  problems. 

27.  The  NCSC  will  not  be  obligated  to  ship  tapes  or  hardcopy  to  account  holders. 

28.  Availability  of  private  disk  packs  and  tapes  for  individuals  and  projects  will  depend 
upon  user  load  and  hardware  availability. 

29.  Although  DOCKMASTER  will  normally  be  available  24  hours  a  day,  7  days  a  week,  the 
NCSC  does  not  guarantee  uninterrupted  service.  Attended  service  will  be  provided  Monday 
through  Friday  between  the  hours  of  7;00am  and  6;00pm  EST;  and  on  weekends  between 
8:00am  and  4:00pm  EST.  All  account  holders  will  be  notified  in  advance  of  any  scheduled 
outages  (e.g.,  preventive  maintenance,  equipment  shutdown,  etc.). 

30.  Currently  there  are  six  user  types  for  individuals  requesting  access  to  DOCKMASTER: 
Type  1  -  Individuals  employed  by  the  NCSC 

Type  2  -  Individuals  employed  by  the  Host  Agency 

Type  3  -  Individuals  employed  by  other  US  Government  Organizations 

Type  4  -  Contractor  employees  working  on  an  official  computer  security  project  or  for  the 
US  Government 

Type  5  -  Individuals  aflfiliated  with  academia,  who  are  not  contractors 
Type  6  -  All  others 

31.  Individuals  listed  under  types  three,  four,  five  or  six  will  be  required  to  have  a  NCSC 
sponsor  before  obtaining  an  account. 

32.  Any  significant  changes  to  this  Policy  may  result  in  the  issuance  and  resigning  of  a  new 
Memorandum  of  Agreement. 
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DOCKMASTER  ACCOUNT  REQUEST  FORM 


REQUESTER  INFORMATION: 

User  Type  (reference  Policy):  - 

Name:  - 

Organization  -  Company:  - 

Business 

Address:  - 


Business 

Phone: 


Are  you  a  US  person  (i.e.  a  citizen  of  the  US  or  an  alien  lawfully  admitted  for  permanent 

residence)?  YES  NO  IF  NO,  write  country  or  countries  of  which  you  are  a  citizen - Are 

you  a  citizen  of  any  other  countries  (i.e.,  Dual  Citizenship)?  If  so,  of  what  countrycountries? 


ENDORSER  INFORMATION: 

Name: _ 

Title:  _ _ Business  Phone: - 

Signature: _ 

ON  WHICH  DOCKMASTER  PROJECT  DO  YOU  WISH  TO  BE  REGISTERED? 

_ NOTE:  You  will  be  registered  on  project  Catwalk  unless  you  have  a  need 

to  access  another  project.  Your  sponsor  will  tell  you  this. 

If  the  project  has  proprietary  data,  a  signature  from  the  project  administrator  is  necessary. 

INTENDED  USE  OF  ACCOUNT:  NOTE:  E-Mail  is  not  a  sufficient  reason  for  obtaining  an 
account: 
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ESTIMATED  PERIOD  OF  USE:  From _ To _ 

COMMUNICATIONS  ACCESS  REQUIREMENT: 

Local  Dial-In _ Milnet  TAC  Access _ Tymnet _ 

Already  Have  TAC _ 

REQUESTER’S  SIGNATURE: _ 

SPONSOR’S  SIGNATURE  : _ 

PRIVACY  ACT  STATEMENT 
AUTHORITY:  50  U.S.C.  402  (Note),  E.O.  12333 

PRINCIPLE  PURPOSE:  To  allow  the  National  Computer  Security  Center  to  manage  infor¬ 
mation  pertaining  to  a  client’s  DOCKMASTER  account. 

ROUTINE  USE:  Dissemination  within  the  National  Computer  Security  Center. 

DISCLOSURE  OF  INFORMATION:  Disclosure  of  this  information  is  voluntary. 

EFFECTS  OF  NOT  PROVIDING  THE  INFORMATION:  Failure  to  provide  the  information 
requested  could  result  in  the  inability  of  the  National  Computer  Security  Center  to  provide 
the  client  with  a  DOCKMASTER  account. 


INTERNAL  USE  ONLY 

DATE  RECEIVED: _ 

USERID  ASSIGNED: _ 

DATE  PACKET  MAILED: 
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MEMORANDUM  OF  AGREEMENT 


DATE:  JULY  1989 

NCSC  MEMORANDUM  OF  AGREEMENT:  ESTABLISHING  NEW  USER  ACCOUNTS 
ON  DOCKMASTER. 

The  purpose  of  this  document  is  to  outline  in  detail,  an  agreement  between  the  NCSC  and 
individual  users. 

1.  DOCKMASTER  will  be  used  for  UNCLASSIFIED  processing  only. 

2.  Sharing  of  accounts  (userids)  on  DOCKMASTER  is  prohibited.  Violators  will  lose  their 
accounts. 

3.  Users  are  responsible  for  the  protection  of  their  passwords.  Should  a  user  suspect  compro¬ 
mise  of  his  password,  he  must  change  it  immediately  and  report  the  suspected  compromise 
to  the  NCSC  CESSO  for  DOCKMASTER. 

4.  Any  detected  misuse  of  system  resources  (e.g.,  games,  profit)  or  circumvention  of  security 
mechanisms  will  result  in  the  deletion  of  the  user’s  account. 

5.  Users  no  longer  needing  their  accounts  will  notify  the  Accounts  Administrator  immedi¬ 
ately. 

6.  Users  will  notify  the  NCSC  of  any  change  in  their  employment  status  in  order  for  the 
Accounts  Administrator  to  validate  their  continued  use  of  DOCKMASTER. 

7.  Contractor  accounts  will  be  deleted  upon  the  completion  of  the  contract. 

8.  Users  will  not  copy  software  from  DOCKMASTER  without  the  written  permission  of  the 
NCSC’s  Office  of  Computer  Security  Evaluations,  Publications,  and  Support. 

9.  The  NCSC  andor  employees  of  the  NCSC  will  not  be  liable  for  the  loss  of  any  data  caused 
either  by  user  error  or  system  malfunction. 

10.  It  is  mutually  understood  and  agreed  between  the  parties  that  no  promise  of  of  payment 
is  made  herein  and  this  Memorandum  of  Agreement  constitutes  the  total  obligation  of  the 
parties.  No  other  promises,  either  expressed  or  implied,  are  made  or  are  to  be  imputed 
between  them. 
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11.  The  Agency  agrees  to  hold  all  properly  marked  and  specifically  identified  proprietary 
information  in  the  strictest  confidence  and  to  employ  reasonable  measures  to  prevent  the 
unauthorized  use  thereof  by  the  Agency  or  others,  which  shall  not  be  less  than  those  mea¬ 
sures  employed  by  any  party  in  protecting  its  own  proprietary  information  of  equivalent 
value,  so  long  as  the  Owner  considers  such  data  to  be  proprietary  or  until  the  Owner  has 
released  or  permitted  to  be  released  the  same  or  similar  data  to  others  without  a  corre¬ 
sponding  restriction  upon  its  dissemination  except  as  required  by  statute.  Executive  Order, 
or  regulation.  It  is  further  understood  and  agreed  that  no  restriction  shall  be  imposed  upon 
the  Agency  to  receive  and  freely  disseminate,  unless  precluded  by  Executive  Order,  law  or 
regulation,  the  same  or  similar  data  generated  independently  by  the  Agency  or  which  is 
received  or  made  available  to  the  Agency  from  other  sources. 

12.  No  information  acquired  as  a  result  of  access  to  DOCKMASTER  will  be  employed  for 
profit  or  publication  without  the  written  approval  of  the  NCSC. 

13.  The  user  agrees  to  abide  by  the  attached  Policy.  (Dated  July  1989) 

I  agree  to  abide  by  this  Memorandum  of  Agreement  knowing  that  any  violation  of  the  above 
will  result  in  the  deletion  of  my  account. 

Signature: _ Date: _ 
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DOCKMASTER  ACCESS  AGREEMENT 


DATE:  MARCH  1988 

NCSC  DOCKMASTER  ACCESS  AGREEMENT:  USER  ACCOUNTS  ON  DOCKMASTER 

This  document  details  the  agreement  between  the  National  Computer  Security  Center  (NCSC) 
and  the  individual  DOCKMASTER  users. 

1.  The  WATCHWORD  GENERATOR  will  be  used  in  conjunction  with  the  normal  login 
to  gain  access  to  the  NCSC  computer  system,  DOCKMASTER.  Users  registered  on  limited 
service  projects  will  not  be  using  a  WATCHWORD  GENERATOR. 

2.  Users  should  be  aware  that  the  WATCHWORD  GENERATOR  is  the  property  of  the 
United  States  Government,  and  as  such  should  be  used  only  to  access  DOCKMASTER. 

3.  Each  user  is  responsible  for  the  WATCHWORD  GENERATOR  assigned  to  them.  Any  de¬ 
vice  that  is  lost,  stolen,  or  damaged  should  be  reported  immediately  to  the  NCSC  Computer 
Equipment  Systems  Security  Officer  (CESSO)  for  DOCKMASTER. 

4.  Each  user  is  responsible  for  the  protection  of  the  Personal  Identification  Number  (PIN) 
assigned  to  the  WATCHWORD  GENERATOR.  Any  suspected  compromise  should  be  re¬ 
ported  inomediately  to  the  NCSC  CESSO  for  DOCKMASTER. 

5.  Each  user  must  promptly  return  the  WATCHWORD  GENERATOR  to  the  NCSC  once 
the  associated  DOCKMASTER  account  has  been  deleted.  Any  misuse  of  the  WATCH¬ 
WORD  GENERATOR,  or  failure  to  return  the  WATCHWORD  GENERATOR,  upon  the 
request  of  the  NCSC,  may  be  punishable  under  18  U.S.C.  section  641. 

6.  If  a  users  DOCKMASTER  account  is  terminated  because  of  inactivity,  the  user  will  be 
notified  to  return  the  WATCHWORD  GENERATOR  promptly  to  the  NCSC. 

7.  Without  the  NCSC  receipt  of  this  signed  DOCKMASTER  access  agreement,  a  WATCH¬ 
WORD  GENERATOR  WILL  NOT  be  distributed,  and  currentnew  accounts  will  be  forfeited. 

8.  In  addition  to  the  detailed  statements  above,  each  user  will  be  held  responsi  ble  for  the 
information  originated  on  the  Memorandum  of  Agreement  dated  July  1989  (ESTABLISH¬ 
ING  NEW  USER  ACCOUNTS  ON  DOCKMASTER).  9.  The  user  agrees  to  abide  by  this 
DOCKMASTER  ACCESS  AGREEMENT.  (Dated  March  1988) 

I  agree  to  abide  by  this  DOCKMASTER  ACCESS  AGREEMENT  knowing  that  any  viola¬ 
tion  of  the  above  will  result  in  the  confiscation  of  the  WATCHWORD  GENERATOR  and 
the  deletion  of  my  account. 

Signature: - Date: - 
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PRIVACY  ACT  STATEMENT 

AUTHORITY:  50  U.S.C.  402  (Note),  E.O.  12333 

PRINCIPLE  PURPOSE:  To  allow  the  National  Computer  Security  Center  to  manage  infor¬ 
mation  pertaining  to  a  client’s  DOCKMASTER  account. 

ROUTINE  USE:  Dissemination  within  the  National  Computer  Security  Center. 

DISCLOSURE  OF  INFORMATION:  Disclosure  of  this  information  is  voluntary. 

EFFECTS  OF  NOT  PROVIDING  THE  INFORMATION:  Failure  to  provide  the  information 
requested  could  result  in  the  inability  of  the  National  Computer  Security  Center  to  provide 
the  client  with  a  DOCKMASTER  account. 
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INTRODUCTION  TO  THE  U.S.  GOVERNMENT  PREFERRED  PRODUCTS  LIST 

The  U.S.  Government  Preferred  Products  List  (PPL)  is  a 
list  of  commercially  developed  and  produced  TEMPEST 
telecommunications  equipment  which  were  accredited  by  the 
Countermeasures  Advisory  Panel  (CAP)  as  compliant  with  all 
applicable  TEMPEST  requirements  specified  in  the  National 
TEMPEST  Standard,  NACSIM  5100 (  ),  "Compromising  Emanations 
Laboratory  Test  Standard,  Electromagnetic  (U),"  dated  March 
1974,  or  the  current  version,  NACSIM  5100A,  dated  1  July 
1981.  AMSG  720B  is  the  NATO  e<^ivalent  of  NACSIM  5100A. 
Products  on  this  list  were  designed,  developed,  and 
manufactured  by  companies  which  were  members  of  the  National 
Security  Agency's  Industrial  TEMPEST  Program  (ITP) . 

On  8  March  1988,  the  ITP  was  abolished  and  replaced  by 
the  TEP,  which  consists  of  three  subprograms,  the  Endorsed 
TEMPEST  Products  Program  (ETPP) ,  the  Endorsed  TEMPEST  Test 
Services  Program  (ETTSP) ,  and  the  Endorsed  TEMPEST  Test 
Instrumentation  Program  (ETTIP) .  The  new  TEP  emphasizes 
participation  based  upon  individual  product  or  service 
endorsement,  vice  company  membership.  Products  endorsed 
under  the  auspices  of  the  ETPP  are  listed  on  the  Endorsed 
TEMPEST  Products  List  (ETPL) ,  not  the  PPL.  Test  Services 
endorsed  under  the  auspices  of  the  ETTSP  are  listed  on  the 
ETTSL. 

NSA  will  continue  to  publish  the  PPL  until  January  1995 
or  until  the  PPL  no  longer  includes  products  that  are  fully 
and  currently  accredited  in  accordance  with  the  program 
procedures.  The  PPL  will  not,  however,  continue  to  be  a 
dynamic  document.  Products  will  only  be  listed  in  their 
original  configurations  as  published  in  the  PPL  as  of  January 
1990.  Companies  will  not  be  authorized  to  make  any 
enhancements  or  additions  to  the  products  as  listed.  Should 
the  companies  desire  to  produce  new  products  or  make 
enhancements  or  additions  to  the  PPL-listed  products,  they 
will  be  required  to  submit  a  product  proposal  in  accordance 
with  the  requirements  of  the  ETPP.  Companies  are  invited  to 
submit  their  PPL-listed  products  for  evaluation  under  the 
auspices  of  the  ETPP.  PPL-listed  products  which  satisfy  the 
ETPP  endorsement  requirements  will  be  included  on  the  PPL  and 
ETPL. 


WARNINGS  AND  CAVEATS 

a.  The  PPL  is  designed  to  assist  U.S.  Government 
buyers  and  users  to  identify  commercially  available  equipment 
which  meet  the  national  TEMPEST  standard.  The  PPL  does  not, 
however,  constitute  an  inclusive  list  of  products  which  meet 
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the  national  TEMPEST  standard. 


b.  CAP  Accreditation  is  limited  to  the  specific 
product,  manufacturer,  and  configuration  of  the  product 
delineated  on  the  PPL.  Users  of  equipment  are  cautioned  that 
similar  products  of  other  manufacturers  or  equipment 
deviating  from  the  PPL  configuration  may  not  meet  TEMPEST 
standards.  Similarly,  equipment/ systems  interconnecting  with 
PPL-listed  equipment  may  not  meet  TEMPEST  standards.  Users 
are  therefore  advised  to  consult  with  their  TEMPEST  authority 
before  processing  classified  information  on  non-accredited 
equipment/ systems . 

c.  By  the  definitions  provided  in  the  1984  ITP 
Advertising  Guidelines,  the  phrase  "Designed  to  meet  NACSIM 
5100A"  is  to  be  used  to  describe  products  which  will  be 
advertised  as  containing  TEMPEST  control  measures,  but  which 
have  either  not  been  TEMPEST  tested  at  all  or  such  tests  have 
not  been  completed.  Accordingly,  a  product  advertised  as 
"Designed  to  meet  NACSIM  5100A"  may  indicate  that  the  TEMPEST 
characteristics  of  the  product  have  not  been  verified.  Users 
requiring  NACSIM  5100A-compliant  equipment  should  only  use 
products  which  have  been  fully  tested  to  determine  the 
product  meets  the  national  standard. 

d.  EXPORT  CONTROL  NOTE:  TEMPEST  equipment  falls 
under  the  licensing  jurisdiction  of  the  Department  of  State, 
Category  XI  (C) ,  Title  22  of  Federal  Regulations,  Section 
121. 


e.  The  equipment  on  the  PPL  is  listed  by  the  name 
of  the  company  which  manufactured  the  TEMPEST  version  of  the 
product  and  not  by  the  Original  Equipment  Manufacturer  (OEM) . 

OUTLINE  OF  SECTIONS 

The  PPL  consists  of  six  sections  as  follows: 

a.  Index  (Section  I)  —  A  list  of  all  equipment 
included  in  the  PPL  and  sorted  alphabetically  by  the  TEMPEST 
manufacturer's  name.  A  cross-reference  can  be  made  to  other 
sections  in  the  document  for  additj.onal  information  on  the 
equipment. 


b.  White  Pages  (Section  II) :  A  list  of  fully 
accredited  products.  Full  accreditation  is  granted  for  the 
successful  completion  of  a  complete  NACSIM  5100A  test  done  on 
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a  production  unit  during  the  first  three  months  of 
production.  A  Quality  Assurance  Plan  specifically  tailored 
for  the  PPL  item  is  required  before  full  accreditation  is 
granted . 

c.  Yellow  Pages  (Section  III) :  A  list  of  products 
removed  from  Section  II  due  to  recently  discovered  and  NSA- 
confirmed  TEMPEST  deficiencies.  Manufacturers  have  a  maximum 
of  six  months  to  satisfactorily  correct  these  deficiencies. 
Users  of  products  listed  in  Section  III  are  warned  that 
deficiencies  may  exist  and  should  contact  the  local 
Government  TEMPEST  authority  for  specific  guidance  regarding 
continued  usage  for  processing  classified  information.  NSA 
has  initiated  a  TEMPEST  deficiency  alert  program  to  notify 
TEMPEST  authorities,  by  classified  message,  of  the  nature  and 
extent  of  the  deficiency  to  enable  TEMPEST  authorities  to 
provide  users  specific  guidance  regarding  continued  use  of 
the  product.  If  the  TEMPEST  deficiency  is  satisfactorily 
resolved  within  the  allotted  time,  the  product  will  be 
relisted  in  Section  II. 

d.  Blue  Pages  (Section  IV) :  A  list  of  products 
^ith  suspended  accreditation  pending  product  accreditation 
termination  and  appeal.  Suspension  of  accreditation  means 
that  the  company  cannot  continue  to  advertise  the  product  as 
CAP-accredited  or  take  any  new  orders  from  U.S.  Government 
departments  and  agencies  which  require  a  CAP— accredited 
product.  The  product  remains  in  Section  IV  pending 
accreditation  termination  and  appeal. 

e.  Red  Pages  (Section  V) :  A  list  of  products  whose 
accreditation  has  been  terminated  because  of  unresolved 
deficiencies  or  failure  to  comply  with  program  procedures  or 
requirements.  Users  of  such  products  should  seek  guidance 
from  their  TEMPEST  authority. 

f .  Green  Pages  (Section  VI) :  A  list  of  products 
for  which  the  Company  has  elected  to  permanently  discontinue 
production. 

ADMINISTRATIVE  NOTES 

a.  Once  a  product  is  listed  in  Section  V  or  VI,  it 
will  remain  there  for  one  year,  after  which  it  will  be 
deleted  from  the  PPL. 

b.  Products  listed  on  the  PPL  are  included  in  the 
NATO  Recommended  Products  List  (NRPL) .  The  NRPL  is  available 
from  the  Government  Printing  Office  (GPO) . 
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c.  Specific  questions  on  a  particular  product 
should  be  directed  to  the  manufacturer. 

d.  For  further  information  concerning  the  Preferred 
Products  List,  contact: 

Director 

National  Security  Agency 

ATTN:  X512/TEMPEST 

Fort  George  G.  Meade,  MD  20755-6000 
JANUARY  1992  PPL  ANNOUNCEMENTS 
Announcements  will  be  updated  quarterly. 

1.  The  following  products  have  been  dropped  from 
Section  VI: 

a.  Digital  Equipment  Corporation 

(1)  Model  RF-824BB/RF-834BA  Computer  System 

(2)  Model  RF-8800  VAXCluster 

b.  Hetra  Computer  &  Communications  Industries,  Inc. 

(1)  Model  1200T  Line  Printer 

(2)  Model  855T  Line  Printer 

(3)  Model  6250T  Tape  Drive 

c.  Mitek  Systems,  Inc. 

Model  150T  Laser  Printer 

d.  TEMPEST  Technologies,  Inc. 

Model  DWP  5155  Daisywheel  Printer 

2.  The  Electronic  Bulletin  Board  System  (EBBS)  formerly 
used  by  the  TEMPEST  Endorsement  Program  Office  for 
communications  between  this  office  and  vendors  has  been 
discontinued.  Any  future  communications  will  be  conducted  in 
writing  or  by  telephone.  Consult  the  address  listed  in  the 
Administrative  Notes  section  above. 
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MARKETING  FOINIS  OF  OONIACT  FOR  TBGOOCIS  IJS^ 
GN  THE  JANUARY  1992  IREFERRED  ERODDCTS  LIST 


ADC  Telecxstiraunications,  Inc. 
Government  Business  Unit 
ATIN:  Richard  Dean 
(612)  893-3625 
4900  West  78th  Street 
Minneapolis,  MN  55435 


Aura  Technologies,  Inc. 
ATIN;  Gene  Mitchell 
(703)  435-6736 
121  Forest  Ridge  Drive 
Sterling,  VA  22170 


Candes  Systems,  Inc. 
ATIN:  Henry  Snyder 
(215)  256-4130 
3131  Detweiler  Road 
Harleysville,  PA  19438 


Dataproducts  of  New  England, 
Inc. 

ATIN:  Marie  Bartxjur 
(203)  265-7151x223 
P.O.  Box  30 
Wallingford,  CT  06492 


Datawatch  Corporation 
ATIN:  Alan  IfecDougall 
(617)  932-0550 
P.O.  Box  847 
Wilmington,  MA  01887 


Digital  Equipment  Corp. 
Government  Systetns  Grox:^) 
ATIN:  Mario  Martinello 
(603)  884-4375 
MS  MK02-1/K6 

Digital  Way,  P.O.Box  9501 
Merrimadc,  NH  03054 


Advanced  Control  Device 
Corporation 
ATTN;  William  Scmmer 
(513)  252-2600 
1415  East  Second  Street 
Dayton,  CXI  45403-1022 


C.  R.  International,  Inc. 
ATIN:  Alan  Belli 
(301)  595-5350 
P.O.  Box  655 
Beltsville,  MD  20705 


Cryptek,  Inc. 

Division  of  General  Kinetics  Inc. 
ATIN;  Neel  J.  Price 
(703)  478-7140 
P.O.  Box  365 
Herndon,  VA  22070 


Datasec  Corporation 
ATTN;  Jixfy  Figlioli 
(603)  654-9700 
P.O.  Box  790 
Wilton,  NH  03086 


Delta  Data  Systems  (3orp. 
ATTN;  Robert  Mellott 
(301)  290-6400 
7175  Columbia  (Safeway  Dr. 
Columbia,  MD  21046 


FiberCcm,  Inc. 

ATTN:  Jack  Freeman 
(703)  342-6700 
P.O.  Box  11966 
Roanoke,  VA  24022-1966 
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General  DataCJcm  Sj^tems,  Inc. 
MIN:  Karen  Dunathan 
(813)  855-2620 
450  Gim  Gong  Road 
Oldsmar,  FL  34677 


OdD  Systems  Corporation 
MIN:  Patty  Bergquist 
(415)  656-4700 
47211  Lakeview  Blvd. 
Fremont,  CA  94538 


Ifetra  Conputer  &  Comm.  Industries 
ATIN:  Dan  Wonak 
(407)  589-7331 
P.O.  Box  9000 
Sebastian,  FL  32958 


Holies  Data  Systems 
MIN:  Paula  J.  Milano 
(714) -693-5917 
5601  East  laPalma  Avenue 
Anaheim,  CA  92807 


IBM  Corporation 

Systems  Integration  Division 

AIIN:  Robert  J.  Schumm 

(301)  240-9900 

800  North  Frederick  Ave. 

Gaithersburg,  MD  20878 


IIEX  Systems,  Inc. 
ATIN:  Bob  Robinson 
(408)  945-0294 
1423  S.  Milpitas  Blvd. 
Milpitas,  CA  95035 


International  Technology  Corp. 


ATIN:  David  J.  Bloch 
(703)  749-1200 

P.O.  Box  6250 

1356  Beverly  Road 

McLean,  VA  22106-6250 

Mit^  Systems,  Inc. 

ATIN:  Glenn  Ritzmann 
(619)  587-9157 

6225  Nancy  Ridge  Drive 

San  Diego,  CA  92121 

Mit^  Systems,  Inc. 

Eastern  Operations 

ATIN:  Glenn  Ritzmann 
(703)  318-7030- 
P.O.Box  28 

22879  Glenn  Dr. 

Sterling,  VA  22170 

North  Atlantic  Industries,  Inc. 
ATIN:  Arthur  Freilich 
(516)  582-6500  x251 

60  Plant  Avenue 

Havppauge,  NY  11788 

Optelecan,  Inc. 

AHN:  Fred  Eggleston 
(301)  840-2121 

P.O.  Box  623 

Gaithersburg,  MD  20877 

Secure  Services  Technology,  Inc. 
ATIN:  Tcm  Soyka 
(703)  709-7208 

Suite  110 

44901  Falcon  Place 

Stetling,  VA  22170 

Security  Ccraraunications 
of  America,  Inc. 

AHN:  Ed  Fox 
(203)  269-1883 

P.O.  Box  4245 

Yalesville  Station 

Wallingford,  CT  06492 

SFA,  Inc. 

ATIN:  E.R.  Freeman 
(301)  925-9400  xlOl 

1401  McCormick  Drive 

Landover,  MD  20785-5396 
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Timeplex,  Inc. 

ATIN:  Charles  Dykas 
(703)  385-3979 
11166  Main  street 
Fairfax,  VA  22030 


Titan  Corporation 
Titan  ^^licatiois  Groip 
ATIN:  Terry  Snyder 
(703)  883-9200 
1950  Old  Gallcws  Road 
Vienna,  VA  22182 


UNISYS  Corporation 
Federal  Information  Systems 
ATIN:  Steve  Fitzgerald 
(703)  556-5760 
8008  W.  Park  Dr.  3rd  FI. 
McLean,  VA  22012 


Versitron 

Division  of  Shielding  Systems  Corp. 
ATIN:  William  Carter 
(301)  497-8600 
9005-8  Juncticai  Drive 
Annapnl is  Junction,  MD  20701 


Wang  laboratories,  Inc. 
ATIN:  Don  Gangemi 
(508)  967-4093 
P.O.  Box  8153 
Lowell,  MA  01853-3353 


Zenith/INTBQ,  Inc. 
ATIN:  David  Garvis 
(703)  471-1500 
13860  Redskin  Drive 
Herndon,  VA  22071 
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Alphabetical  Listing  of 

Adapter 

Central  Processing  Unit 

Ccmputer 

Conputer  System 

Ccnputer,  Personal 

Coirputer,  Po2±able 

Control  tftiit 

Digitizer 

Digitizer,  Tablet 

Disk  Drive 

Display 

Facsimile 

Interface,  Communication 
Interface,  Fiber  Optic 
Modem 
Mouse 

Multiplexer 

Network 

Optical  Character  Reader 

Plotter 

Plotter,  Qolor 

Printer 

Printer,  Band 

Printer,  Daisywheel 

Printer,  Dot  Matrix 


Equipment  Categories 

Printer,  GrajMcs 
Printer,  Ink  Jet 
Printer,  Laser 
Server  Processor 
Tape  Drive 
Tape  Reader,  Punched 
Teleprinter 
Terminal 
Workstation 
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SECTION  I 


JMlDftRY  1992  PREFERRED  PRODUCTS  LIST  INDEX 


Manufacturer 
City,  State 


Eqviipment  Category  Model 

Number 


Section 


ADC  Telecxjtnmunications,  Inc. 
Minneapolis,  MN 


Advanced  Control  Device  Corp 
Dayton,  CH 

J^llo  Conpiters,  Inc. 

North  Billerica,  MA 

Aura  Technologies  Inc. 
Sterling,  VA 

C.  R.  Inteinational,  Inc. 
Beltsville,  MD 


Carxies  Systems,  Inc. 
Harleysville,  PA 


Contel  Federal  Systems,  Inc. 
Westlake  Vil. ,  CA 

CPT  Corp. 

Minneapolis,  MN 


Cryptek,  Inc. 

Herndon,  VA 

Dataproducts  New  England 
Wallingford,  CT 


Adapter 

Interface,  Fiber  Cptic 


Tape  Reader,  Punched 


Workstation 


Mouse 


Adapter 

Computer,  Personal 


Computer,  Personal 

Display 

Display 


Workstation 


Display 

Printer,  Dot  Matrix 


Facsimile 


Adapter 

Adapter 

Control  Unit 

Multiplexer 

Multiplexer 

Printer 

Printer 


FPA-xxx  II 

Fiber  Mate  System  II 

5120  II 

imSOOO  VI 

M4-T  II 

nAC-24T  II 

PW2  500/12T  VI 

TPI-863-T  VI 

2019T  II 

2119T  II 

AN/UyQ-47(V)  VI 

DSP-14B  V 

EM  245T  VI 

TS-10  II 

CAU  4100  II 

FPA-4X00  II 

MC3-188/114  II 

2048AT-16  II 

2048AT-32  II 

MXr-1200C  II 

MXT-1200VE  II 
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oiuf acturer  Equipment  Category  Ifodel 

City,  State  Number 


Dataproducts  New  England 
Wallingford,  CT 


Datasec  Corp. 

Wilton,  NH 

Printer,  Band 

Printer,  Band 

Printer,  Dot  Matrix 
Printer,  Dot  Matrix 
Printer,  Dot  Matrix 
Teleprinter 

TBIOOO 

TB600 

TDG-200 

TaG-202 

TG-200 

MXT-1200  KSR 

Datawatch  Corp. 

Wilmington,  MA 

Computer,  Personal 
Computer,  Personal 

Disk  Drive 

Display 

Printer,  Dot  Matrix 
Printer,  Ink  Jet 

Printer,  Ink  Jet 

Terminal 

nAr-286 

DIM-110 

DSD-210 (220) 

DSM-120 

DSP-225-232 

DSP-225-111 

DSP-225-488 

DST-220 

Delta  Data  Systems  Corp. 
Columbia,  MD 

Digitizer,  Tablet 
Printer,  Ink  Jet 

Terminal 

Workstation 

Workstation 

DAIAHATCH  1201 
DATAWATCH  150 
DATAWATCH  240 
DATAWATCH  386/16 
DW286/16-ST506 

Digital  Equipment  Corp. 
Nashua,  NH 

Computer,  Personal 
Computer,  Personal 

Mouse 

Printer,  Dot  Matrix 
Printer,  Graphics 

Printer,  Grajiiics 

Printer,  GrapfcLcs 

Terminal 

Terminal 

8700T-PC 

TOTE  PC 

T87-610 

FX-85T 

DD3184 

DD3304 

1X0404 

8260AT  and  8260T 
IX>  220T 

FiberCom,  Inc. 

Roanoke,  VA 

Computer  System 

Interface,  Fiber  Optic 
Network 

Printer,  Dot  Matrix 
Printer,  Laser 

Server  Processor 

Terminal 

Terminal 

Workstation 

RF-630QZ-AA/CA 

RF-PQAFB/MB-AA 

RF-H4000 

RF-IAIDR-AA/BA 

RF-IN03  ()-()() 

RF-DSRVX-XX 

RF-Vr240-AA/-BA 

RF-Vr320-AA 

RF-PVOIX-XX 

Interface,  Camraunication 

WhisperlAN/T 

Section 


II 

II 

II 

II 

II 

II 


II 

II 

II 

II 

II 

II 

II 

II 


II 

II 

II 

II 

II 


II 

II 

II 

II 

II 

II 

II 

II 

II 


II 

II 

II 

II 

II 

II 

II 

II 

II 


II 
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Manufacturer 
City,  State 


Equipnent  Category 


FiberCom,  Inc. 
Roanoke,  VA 


General  DataCoram  Sys. ,  Inc. 
Middlebury,  CT 

GRiD  Systems  Corp. 

Fremont,  CA. 


Hetra  Cortputer  &  Ccsram.  Ind. 
Sebastian,  FL 


Hewlett  Packard  Caxpany 
Palo  Alto,  CA 

IBM  Corp. 

Durham,  NC 


IBM  Corp. 
Gaithejr^urg,  MD 


Ilex  Systems,  Inc. 
Milpitas,  CA 


International  Tech.  Corp. 
Mclean,  VA 


Mitek  Systems,  Inc. 
San  Diego,  CA 


Mitek  Systems,  Inc. 
Sterling,  VA 


Model  Section 

Number 


Interface,  Fiber  Optic 
Modem 


Multiplexer 


Coitputer,  Portable 
Disk  Drive 


Conputer,  Personal 
Display 

Optical  Character  Reader 


Printer,  laser 


Display 

Printer 


Coirputer,  Personal 
Coitputer,  Personal 


Digitizer 

Optical  Character  Reader 


Coiputer,  Personal 
Coiputer,  Personal 
Conputer,  Personal 
Conputer,  Personal 
Conputer,  Personal 
Network 
Plotter,  Color 
Printer,  Dot  Matrix 


Facsimile 

Interface,  Comniunication 
Printer,  Laser 
Printer,  laser 


Conputer,  Personal 


VJhisperphone  I  II 

TIM-9600  VI 


Megaswitch  IMP  II 


1307  II 

2107  VI 


105T  II 
4902T  II 
9050T  II 


HP  33440x-d?  VI 


3278RC  Model  2  VI 

IBM  3812  VI 


4455  II 

4459  II 


VDC  4824T  II 

2000T  Series  II 


rrc  P386-T  II 
ITC  PC-AT-T  VI 

rrc  pc-xr-T  vi 
rrc  ps2-3o^  II 
rrc  PS2-50-T  II 
rrc  lAN-HUB-T'  II 
rrc  lOT  III 
rrc  50-T  VI 

850T  II 
810T  II 
120T  VI 
125T  VI 

T5240  VI 
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Hcunifacturer 
City,  State 


Equipment  Category 


Model 

Number 


Section 


Mit^  Systems,  Inc. 
Sterling,  VA 


North  Atlantic  Ind. ,  Inc. 
Haippauge,  NY 


Optelecom,  Inc. 
Gaithersburg,  MD 

Optical  Data  Systems,  Inc. 
Richardson,  TX 


Secure  Services  Tech. ,  Inc. 
Falls  Qiurch,  VA 

Security  Comm,  of  America 
Wallingford,  Cl 

SEA,  Inc. 
landover,  MD 

TEMPEST  Tech.,  Inc.  (T2I) 
Herndon,  VA 


Time  and  Space  Proc.  Inc. 
Sunnyvale,  CA 


Corrputer,  Personal 
Display 

Optical  Character  Reader 
Tape  Reader,  Punched 


Printer,  Dot  Matrix 
Printer,  Dot  Matrix 
Printer,  Dot  Matrix 
Printer,  laser 
Printer,  Laser 
Printer,  Laser 


Modem 


Interface,  Fiber  Cptic 
Interface,  Fiber  Cptic 
Modem 

Multiplexer 

Multiplexer 

Network 


Facsimile 


Printer,  Dot  Matrix 


Plotter 


Computer,  Personal 
Plotter 
Printer 
Printer 

Printer,  Daisyvheel 
Printer,  Dot  Matrix 
Printer,  Dot  Matrix 
Printer,  Dot  Matrix 
Printer,  Dot  Matrix 


Facsimile 


T5270  VI 
T5119  II 
T5176  II 
T5104  II 


7020T 

7035T 

P5-T 

KISS  plus  T 
Laser  II-T 
PS  810^ 


4131Pr/4131ST 


ODS  108-M,  108-F 

ODS  235 

ODS  411 

ODS  314 

ODS  817 

ODS  240 


SST-^1 


EX-IOOOT 


SEA  140H? 


XTRA  286TX 

WG3200T 

LPF5600 

LEM5300 

760T 

1020T 

SLP3184 

SLP3304 

SLP3404 


9100  VI 
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aaaasaaas  m  a  h  saaaaa  a  aaaaaa 


Manufacturer 
city.  State 


Equipment  Category 


Model 

number 


Section 


Timeplex,  Inc. 
Wcxxicliff  Lake,  NJ 

Titan  Corporation 
Vienna,  VA 


UNISYS  Corp. 

Salt  Lake  City,  UT 


Versitron 

Annapolis  Junct,  MD 

Wang  Labs,  Inc. 
Lowell,  MA 


Multiplexer 


Control  Unit 
Interface,  Ccamnunication 


Ccanoputer  System 
Corputer,  Personal 
Cratputer,  Personal 
Printer,  Dot  Matrix 
Terminal 
Terminal 


Interface,  Fiber  Optic 


central  Processing  Unit 
Ccsiputer 
Conputer  System 
Conputer  System 
Conputer  System 
Conputer  System 
Conputer  System 
Conputer,  Personal 
Conputer,  Personal 
Ccxrputer,  Personal 
Computer,  Personal 
Conputer,  Personal 
Conputer,  Personal 
Conputer,  Personal 
Conputer,  Personal 
Conputer,  Personal 
Conputer,  Personal 
Conputer,  Personal 
Conputer,  Personal 
Conputer,  Personal 
Disk  Drive 
Disk  Drive 
Disk  Drive 
Disk  Drive 
Disk  Drive 
Di^lay 
Display 

Interface,  Communication 
Interface,  Communication 
Interface,  Communication 


TIM-LINK  T1 

IV 

BASIQ-1821-^ 

II 

1800^ 

II 

System-11 

II 

T3143-82 

II 

T3143-88 

II 

25B 

II 

T3560-23 

II 

T3622-99 

II 

MllXOS 

II 

75XXAT 

II 

PC-XC5-3T 

II 

7585VST-X 

II 

VS5-XT 

II 

VS6-XT 

II 

VS65-XT 

II 

VS75E-XT 

II 

APC-JM46T 

II 

PC-XC1-3T 

II 

PC-XC2-3T 

II 

PC-XC4-3T 

II 

PC280-1AT 

II 

PC280-1T 

II 

PC280-2T 

II 

PC280-4T 

II 

PC381-T'/PC382-T 

II 

XAPC-SIT 

II 

XAPC-S2T 

II 

XAPC-S3T 

II 

XAPC-ST 

II 

2269V-3T 

II 

2269V-4T 

II 

7565-2T 

II 

7565V-2T 

II 

YTl-7595(V)-CxT 

II 

75PC-FM101T 

II 

MCaT-1450-PC2T 

II 

3278/79-EMUL-T 

II 

6554-lT 

II 

6554-2T 

II 
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Memufacturer 
City,  State 


Equipment  Category 


Model 

Number 


Section 


Wang  Labs,  Inc. 
Lowell,  MA 


Xerox  Corp. 
Sunnyvale,  CA 


ZenitiyiNIEQ,  INC. 
Herndon,  VA 


Interface,  Ccnimunication 
Interface,  Qaiimunication 
Interface,  Fiber  Optic 
Interface,  Fiber  Optic 
Interface,  Fiber  Optic 
Printer,  Band 
Printer,  Daisyv^eel 
Printer,  Daisyviieel 
Printer,  DaisyvAieel 
Printer,  DaisyvAieel 
Printer,  Dot  Matrix 
Printer,  Laser 
Printer,  Laser 
Printer,  Laser 
Printer,  Laser 
Tape  Drive 
Tape  Drive 
Tape  Drive 
Workstation 
Workstation 
Workstation 
Workstation 
Workstation 
Workstation 


Network 

Network 

Workstation 


Cortputer,  Personal 


7561T 

II 

WACS-XXT 

II 

FiberWay 

II 

FCH^IC-ITA 

II 

FCHMC-IT 

II 

7574-lT 

II 

7582T  DSF-IT 

II 

DW/OS-60AT 

II 

DW/OS-60T 

II 

IM018-T 

II 

75PC-IM16T 

II 

75LrS-12xT 

II 

LCS15-DSK-Jr 

II 

LCS15-SYS-T 

II 

IIDP8-DSK-T 

II 

2238V-1T 

II 

2248V-1T 

II 

7529T 

II 

4230-QA-T 

II 

4230-VS-T 

II 

4230TC-T 

II 

7501-OA-T 

II 

7501-VS-T 

II 

APC-IWST 

II 

8033T/60HZ 

VI 

8046T/60HZ 

VI 

6085T 

VI 

ZVC-0003-AA 

II 
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SECTION  II 


Equipnesnt  Category 


Adapter 


Adapter 


Adapter 


Adapter 


Central  Processing  Unit 


JANUARY  1992  PREFERRED  PRODUCTS  ZJST 
ACCREDITED  EQUIPMENT  AND  SYSTEMS 


Manufacturer  Model 

Cil7,  State  Number 

Description 

ADC  Telecxmtiunications,  Inc.  FPA-xxx 

Minneapolis,  MN 
Crypto  Fixed  Plant  Adapters 
FPA-001  Dual  Channel  Unit 
FPA-101  Single  Channel  Unit 

C.  R.  International,  Inc.  DAC-24T 

Beltsville,  MD 

The  DAC-24T  Data  Adapter/Ctonverter  provides 
signal  conversion  for  EIA-RS-232C/D  and  MIL- 
188C  signals  to  MIIr-STD-188-114  OR  RS-422 
interface  specifications  with  pin  assignment  in 
accordance  with  EIA-530.  The  DAC-24T  is  trans¬ 
parent  to  external  devices  and  provides  regeneration 
and  signal  inversion.  The  DAC-24T  operates  at  a 
maximum  of  307.2  kEps  on  the  balanced  ports  and  9.6 
kEps  on  the  unbalanced  ports 


Dataproducts  New  England  CAU  4100 

Wallingford,  CT 
CAU  4000  Crypto  Auxiliary  Unit 
CAU  4100  Single  Channel  Unit 
CAU  4200  Dual  Channel  Unit 

Dataproducts  New  England  FPA-4x00 

Wallingford,  CT 
Crypto  Fixed  Plant  Adapters 
FPA-4100  Single  Channel 
FPA-4200  Dual  Channel 


Wang  Labs,  Inc.  75XXAT 

Lowell,  MA 
Model  Nos: 

7515AT  8-port  CIS  dU 

7535AT  16-port  CIS  CHJ 

7540AT  32-port  CIS  CPU 

7550AT  32-port  with  128kB  Memory 

Options: 

OIS  1000  Turbo  tpgrade  to  7550AT 

EM-OIS-T  Extended  Memory  Option  for  64kB  OIS  CPUs 
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Eguipnent  Category 


Model 

Number 


Manufacturer 
City,  State 
Description 

(Continued)  75XXAT 

(extends  64kB  memory  to  128kB) 

TC-AC-2T  Asynchronous  Internal  Telecxmimunications 
Controller  (second  channel) 

TC-SC-2T  Synchronous  Internal  TfelecoorainLinications 
Controller 

TCIT  128kB  Internal  Data  Coniraunications 

Controller,  Two  TCIT  controllers  are  installable 
per  CEU  and  each  requires  an  optional  connector 
and  front  panel  as  in  the  TCT  Controller. 

TCT  64kB  Internal  Data  Comraunications  Controller. 

Two  TCIT  controllers  are  installable  per  CPU  and 
each  requires  an  optional  connector  and  front 
panel. 

Optional  Connectors  Include: 

CN-RS232T 
CN-RS449T 
CN-RS366T 
CN-X21T 

Optional  Front  Panels  Include: 

OIS-FPIT  for  1st  Controller 
0IS-FP2T  for  2nd  Controller 

Conputer  Wang  Labs,  Inc.  PC-XC5-3T 

Lowell,  MA 

Professional  Conputer  with  ei^t  slots,  512kB 
single  diskette  drive,  20MB  fixed  Winchester  drive, 

IBM  emulation,  monitor,  keyboard,  MS-DOS  and  inter¬ 
pretative  BASIC.  Upgradeable  to  XAPC-ST  and  XAPC- 

SXT  series  of  TEMPEST  APCs.  Accredited  in  multiple 
language  character  set  versions  in  addition  to  the 
standard  versions. 

The  following  cptions  are  available  on  the  PC-XCl-T 
throu^  PC-XC5-T  models: 

75PC-IM02T  Graphics  Card 

75PC-FM14T  PC  RS-232  Daisy  Printer 

75PC-IM16T  160  CPS  Printer 

75PC-FM20T  Diskette  Drive 

75PC-rM21cr  10MB  Removable  Disk  Drive 

75PC-IM40T  Remote  TC  Option 

75PC-EM141-VST  VS  Local  Communications  Option 

75PC-EM141-QAT  OIS/Alliance  local  Communications 

Option 

75PC-EM42T  Multiport  Communications  Option 

75PC-PM100T  Keylock  on/off  switch 

75PC-FM101T  Wang/IBM  Emilation  Monochrome 

Monitor  Card 

75PC-M0USE-T  Wang  7500T  PC  Mouse 

75PC-PSDr  Printer  Sharing  Device 
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Equipment  Category 


Model 

Number 


Manufacturer 
city.  State 
Description 

(Continued)  PC-XC5-3T 

75PC-rM21AT  10MB  Fixed  Media  Disk  Drive 

75PC-rM30T  Memory  E5q)ansion  Card  (128kB) 

75PC-FM31T  Memory  Es^jansion  Card  (256kB) 

75PC-rM32T  Memory  Expansion  Card  (512kB) 

Corrputer  System  Digital  Equipment  Corp.  RF-630QZ-AVCA 

Nashua,  NH 

Microvaxll  in  H9633  RFI/MI  Cabinet  with  IMB  memory; 
MS630-BB  4MB  Memory  Es^ansion  (two  maximum)  or  MS630-CA 
SMB  Memory  Ej^ansion  (two  maximum) . 

Included  Options: 

RQDX3-M  Disk  Drive  Controller 

RF-RD54-AB  159MB  Removable  5-1/4"  Hard  Disk  (maximum 

of  four) 

RF-RD53-AB  7IMB  5-1/4"  Removable  Hard  Disk  (maximum 
of  four) 

RX50-AA  409kB  Floppy  Disk  Drive 

TK50-AA  5-1/4"  95MB  Streaming  Tape  Drive 

TQK50-AA  TK50  Controller 

BA23-CA  Radkmount  Box,  8-slot  backplane 

RF-DEQNA-KA  EIHERNET  Controller  and  Fiber  Optic 
Converter 

RF-KiVll-AA  Filtered  8-Line  Asynchronous  Multiplexer 
RF-DZQll-DA  Filtered  4-Line  Asynchronous  Moltiplexer 
RF-DFVll-AA  Filtered  RS232  Single  Line  Syndhronoxas 
Controller 

RF-VT240-AA  Console  Terminal 

RF-DE^3A-KA  EIHERNET  Controller  and  Fiber  Optic  Converter 
RF-ra:Qll-AA  Cammunications  Controller  with  8  asynchronous 
lines 

95MB  Streaming  Tape  Drive 

TQK50-AA  TK50  Controller 

BA23-CA  Rackmount  Box,  8-slot  backplane 

RF-H3041-AA  Station  Interface  Unit  required  for  ETHERNET 

Computer  System  UNISYS  Corp.  System-11 

Salt  Lake  City,  UT 

System  11  is  mini/midi  sized  1100  processor  system.  It 
consists  of  basic  and  e;5)ansion  central  complex  cabinets. 
The  expansion  cabinet  allows  for  additional  processors  and 
ej^janded  I/O  capability. 

Peripherals  included: 

Fixed  Disk  Subsystem 
Removable  Disk  Subsystem 

Peripheral  Cabinet  containing  a  magnetic  tape  subsystem 
lypes  &  features  associated  with  the  System  11  & 
peripherals: 

T3065-75  EMC  System-11  Enhanced  Dyadic  (60  Hz) . 
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Equipment  Category  Manufacturer  Model 

City,  State  Number 

Description 

(Continued)  System-11 

Hardware  sv:?plied  includes: 

K3649-03  Instruction  Processor  (two) 

K3653-03  MSU  Control  1024KW  Memory  (two) 

F4257-03  Disk  Controller  Channel  II  (two) 

F3 651-01  Byte  Bus  Channel 
F3 674-99  Integrated  Tape  Control  Unit 
T2 054-99  Block  Mux  Channel 
F3672-99  Printer  Control  Unit 
T2 006-98  Integrated  Communications  Processor  II 
F3 648-01  System  Si^port  Processor 
F3726-00  Ir-Bus  Adapter 
F3714-00  Console  Control  Unit 
Optional  Hardware  for  Ejqjansion  includes: 

K3649-03  Ejqansion  Processors  (maximum  of  two) 

K3 653-03  MSU  with  1024KW  Memory  (maximum  of  two) 

T3066-98  EMC  Ebqpansion  Cabinet 

F3 651-98  Second  Eyte  Bus  Channel 

T2054-99  Second  Block  Mux  Channel 

F4257-03  Disk  Controller  Channel  II  (maximum  of  two) 

F3163-98  Medium  Speed  Loadable  Line  Module  (RS-449) 

F3163-99  Medium  Speed  Loadable  Line  Module  (RS-232C) 

F3165-99  Multiline  Async  Line  Module 

F3837-98  Multiline  Sync  Line  Module 

F3725-00  L-Bus  Power  Ejq)ansion 

T3065-74  EMC  System-11  Enhanced  Dyadic  (50  Hz) 

Same  hardware  as  above. 

T1974-99  EMC  Peripheral  Cabinet  (50/60  Hz) 

Houses  rp  to  two  EMC  Streaming  Tapes  (T2014-97) 
Hardware  Si:5)plied: 

K3782-01  Streaming  Tape  Drive 
K3930-01  Remote  Power  Sequencer 
T2014-95  EMC  Second  Streaming  Tape  Drive 
Hardware  Sv^^lied: 

K3782-01  Streaming  Tape  Drive 
T2014-96  EMC  Streaming  Tape  Drive 
Hardware  Sv;{)plied: 

K3782-01  Streaming  Tape  Drive 

T8451-99  EMC  Cabinet  with  two  Fixed  Disk  Drives  and 
two  Control  Modules.  (50/60  Hz) . 

Optional  hardware  includes: 

F4332-00  Dual  Access 

F4329-00  Disk  Drive  Eljqjansion  (maximum  of  two) 
T8463-99  EMC  Cabinet  with  one  removable  Disk  Drive 
and  one  Control  Module  (50/60  Hz) 

Optional  hardware  inclxjdes: 

F4640-00  Disk  Drive  Eb^pansion  (maximum  of  three) 
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T8596-75  EJK  Distributed  Ccaranunications  Processor/40 
(DCP/40)  50/60  Hz 
Necessary  Hardware  includes: 

F1939-00-01  Integrated  Disk  Control,  60/50  Hz 
F1947-05  Byte  Channel  Line  Module 
T8441-76/77  IMC  30MB  Mass  Storage,  60/50  Hz 
Optional  Hardware  for  Eiqjansion  includes: 

K1930-01  512kB  Memory  Ejqjansion 
F2941-99  Second  I/O  Processor 
F1932-99  Third  I/O  Processor 
F1932-98  Fourth  I/O  Processor 
F3164-98  EMC  Hi^  Speed  Line  Module  (RS-449) 

F3163-99  IMC  Medium  Speed  loadable  Line  Module 
(RS-232) 

F3163-98  EMC  Medium  Speed  Loadable  Line  Module 
(RS-449) 

F3 165-99  EMC  RS-232  Multiline  Asynchronous  Line 
Module 

F3837-98  EMC  RS-232  Multiline  Synchronous  Line 
Module 

Coirputer  System  Wang  Labs,  Inc.  7585VST-X 

Lowell,  MA 

7585VST-X  series  32-Bit  virtual  memory  cortputer 
^stem.  Standard  configurations  include  32-bit 
CPJ  with  indicated  main  system  memory,  32kB  Cache 
memory.  16-port  serial  lOP  with  two  electrical 
APAs  (E-APA-^T) ,  one  archiving  workstation 
(7501-VS-T)  with  hard  sector/soft  sector  controller, 
one  4-port  disk  drive  lOP  (75V03T) ,  and  one  bus 
adapter.  Operating  system  and  Assembler  are  also 
standard. 

Standard  product  configurations  are: 

7585VST-1  with  2MB  system  main  memory 
7585VST-2  with  4MB  system  main  memory 
7585VST-3  with  8MB  system  main  memory 
Options  to  above  products  include: 

75V01T  16-Port  Serial  I/O  Processor 

75V02T  32-Port  Serial  I/O  Processor 

75V03T  4-Port  Disk  Drive  I/O  Processor 
75V04T  3-Port  Telecammunications  I/O  Processor 

E-APA-T  8-Port  Electrical  Active  Port  Assembly 

22V15-2T  Irput/Output  Processor 

Cortputer  System  Wang  Labs,  Inc.  VS5-xT 

Icwell,  MA 

VS5-XT  virtual  memory  conputer  system.  Standard  system 
configurations  include  indicated  main  memory,  1.2MB 
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(Continued)  VS5-xT 

diskette  drive,  16  serial  ports,  SCSI  port,  and 
asynchronous  printer  ports  for  DP  only  printers. 
Standard  product  configurations  are: 

VS5-1T  CPU  with  1MB  Main  Memory 
VS5-2T  CPU  with  2MB  Main  Memory 
Packaged  configurations  include  indicated  main  memory, 
portable  disk  drive  and  a  streaming  cartridge  tape 
drive. 

Packaged  product  configurations  are: 

VS5-1CIT  CPU  Includes  1MB  memory,  71MB  portable 
Winchester  drive,  &  streaming  cartridge  tape  drive 
VS5-1DIT  CPU  Includes  1MB  memory,  142MB  portable 
Winchester  drive,  &  streaming  cartridge  tape  drive 
VS5-2DIT  CPU  Includes  2MB  memory,  142MB  portable 
Winchester  drive,  &  streaming  cartridge  tape  drive 
Options  to  above  products  include: 

25V50-4AT  4-Port  Disk  Drive  Controller 
25V76-2AT  2-101^  Telecommunications  Controller 

with  controller  board,  half  panel,  &  connector  options 
(VCN-RS232T,  VCN-366T,  &  VCN-X21T) 

Wang  Labs,  Inc.  VS6-xT 

Lowell,  MA 

VS6-XT  virtual  memory  conputer  system.  Standard  system 
configurations  include  indicated  main  memory,  1.2MB 
diskette  drive,  16  serial  ports,  16kB  Cache  Memory, 

SCSI  port,  and  asynchronous  printer  ports  for  DP  only 
printers. 

Standard  product  configurations  are: 

VS6-1T  CPU  with  1MB  Main  Memory 
VS6-2T  CPU  with  2MB  Main  Memory 
VS6-4T  CPU  with  4MB  Main  Memory 
Package  product  configurations  include  indicated  main 
memory,  portable  Winchester  disk  drive  and  streaming 
cartridge  tape  drive. 

Packaged  product  configurations  are: 

VS6-1CIT  CPU  -  Includes  1  MB  memory,  71MB  portable 
Winchester  drive,  &  streaming  cartridge  tape  drive 
VS6-1DIT  CPU  -  Includes  1MB  memory,  142MB  portable 
Winchester  drive,  &  streaming  cartridge  tape  drive 
VS6-2niT  CPU  -  Includes  2MB  memory,  142MB  portable 
Winchester  drive,  &  streaming  cartridge  tape  drive 
VS6-4DTT  CPU  -  Incliades  4MB  memory,  142MB  portable 
Winchester  drive,  &  streaming  cartridge  tape  drive 
Options  to  above  products  include: 

25V50-4AT  4-Ptort  Disk  Drive  Controller 
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(Continued)  VS6-xT 

25V76-2AT  2-Port  Telecxammunications  Controller 
with  controller  board,  half  panel,  &  connector  options 
(VCN-RS232T,  VCN-RS366T,  and  VCN-X21T) 

Wang  Labs,  Inc.  VS65-XT 

Lowell,  MA 

VS65-XT  series  32-bit  virtual  memory  conputer  system- 
standard  system  configurations  include  CEU  with 
indicated  main  system  memory,  16kB  Cache  memory,  360kB 
DSIX)  diskette  drive,  32-port  serial  device  controller 
(25V67T)  with  16  ports  provided.  Cperating  system  and 
Assembler  are  also  standard. 

Standard  product  configurations  are: 

VS65-2T  with  2MB  system  main  memory 
VS65-4T  with  4MB  system  main  memory 
Options  to  above  products  include: 

25V67T  32-rPort  Serial  I/O  Processor 
E-APA-T  Electrical  Active  Port  Assembly 
25V50-4AT  4-Port  Disk  I/O  Processor 
25V76-2AT  2-Port  Telecoiiinunications  Processor 
Connector  cptions  include: 

VCN-RS232T,  VCN-RS366T,  and  VCN-X21T 

Wang  Labs,  Inc.  VS75E-XT 

Icwell,  MA 

Ihe  VS75E-XT  is  a  hi^  performance  32-bit  VS 
CEU  capable  of  supporting  ip  to  96  user  devices, 
including  up  to  64  electrical  or  fiber  optically 
connected  workstations.  From  2MB  to  SMB  main 
memory  configurations  are  available  with  32kB  of 
hi^  speed  cache.  Ihe  system  features  a  built-in 
5-1/4”  flcppy  disk  drive  and  bus  processor  support 
for  one  to  four  portable,  shock-mounted  72MB  or 
142MB  Winchester  type  drives  as  well  as  support  for 
external  disk  and  tape  storage  devices. 

Configuration  Tested: 

VS75E-8T  with  cptional  SCSI  interface,  hi^  speed 
disk  controller  (25V48-4T) ,  UISIO  (extra  928  Data 
Link  ports,  25V67T) ,  and  serial/parallel  ports 
(25V76-2AT,  VCN-I^232T,  VCN-RS366T,  and  VCN-X21T) 

Datasec  Corp.  DAr-286 

Wilton,  NH 

Personal  Computer  System,  using  80286  8  MHz  micro¬ 
processor,  512kB,  600kB,  or  IMB  RAM.  (OEM  is  Tandon  AT) . 
Options: 

DSC-143  Color  Monitor  (OEM  is  NEC  Efiiltisync) 

Datasec  DSM-120  Monochrame  Monitor  (OEM  is  NEC) 
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Paradise  Monochrome  Card 

DSD-210/DSEH220  Dual  10MB  or  20MB  ICMEX3A  Cartridge 
removable  disk  drive  (Bernoulli  Technology) 

I/C»!EX3A  SCSI  Interfacje  Card 
1.2MB  and/or  360kB  Flc^^  Disk  Drive 
20,  30,  40,  60,  85,  144MB  Removable  Winchester  Hard 
Disk  Drive 

AMI  Serial/Parallel  I/O  Card 
AMI  3MB  RAM  Extended  Memory  Card 
Mouse  (OEM  is  Maynard) 

Carpitone  ATvantage  4-Port  Card 

ItecMar  EGA  Card  (provides  hi^  resolution  graphics  with 
640x350  pixel  resolution) 

Half  Pint  Serial/Parallel  I/O  Card  (OEM  is  Cotrputer 
Perijh.erals) 

Cpus  32.16  Unix  System  V  Personal  Mainframe  available 
with  321  Memory  Card  Extension 
Opus  32.32  Unix  System  V  Personal  Mainframe  available 
with  321  or  323  Memory  Card  Extension 
80287  Math  Co-processor 
lEM  EGA  Card 

60MB  Archive  Streamer  Tape  Drive 
Excelan  EXOS  205E  Ethernet  Controller  Card 
Half  Pint  Plus 
Tecmar  VGA  Display  Adapter 
VIP-1200  Pliig-in  Cards  (lEV  1220  and  2020) 
opnc»i  A 

Intel  SBC386ATZ-16MHZ  80386  Microprocessor  with  2MB 
RAM  and  Parallel  Printer  Port 
Intel  80387  Math  Coprocessor 
Intel  SBC386MEM020  2MB  Memory  Expansion 
Intel  SBC386MEM080  8MB  Memory  Expansion 
Western  Digital  WD1006V-SM2  HarxVFloppy  Drive 
(controller 

Fujitsu  M2537K  3.5”  1.44MB  Floppy  Drive 
Fujitsu  M2553K  5.25"  1.2MB  Floppy  Drive 
Key  Tronic  101  Key  Ke^ix^rd  Model  E03417201 
Tecanar  VGA  Display  Adapter 
85MB  Removable  Hard  Disk  Drive  (Micrcpolis) 
computer  Peripherals  Half-Pint  Plus  I/O  Adapter 
DSC-143  (color  Monitor 
OPITCW  C 

80386  Processor  Card  (MOC) 

80387  coprocessor  (Intel) 

4MB  Memory  (3ard  (AMI) 

1.2MB  Floppy  Disk  (Fujitsu) 


Page  5-22 


EguiEment  category 


CJcffloputer,  Personal 


Computer,  Personal 


Manufacturer  Model 

City,  State  IRinber 

Description 

(Ccaitinued)  nRT-286 

360kB  Floppy  Disk  (Fujitsu) 

85m  Bard  Disk  (Micrcpolis) 

Serial/Parallel  Port  Card  (CPI) 

101-Rey  Extended  Kfeiiaoard  (Reytronics) 

VGA  Card  (Teanar) 

Datasec  Oorp.  DM-llO 

Wilton,  NH  . 

Apple  Macintosh  II  Personal  Oonputer  with  68020  CEU 
and  68881  oo-pxrocessor,  i:?)  to  SMB  of  on-toard  RAM, 

8001^  flcppy  drive,  l^le  extended  Icesj^xard,  2QMB 
g>vt-AT-nai  removable  hcund  disk,  mouse,  printer  and 
Hodem  ports,  external  SCSI  port,  video  card  with  512kB 
RAM 

Opticxis: 

4(»1B  removable  hard  drive 
8(MB  removable  hard  drive 
2,3,4,5,6,7,8MB  RAM 
Seccsid  external  removable  hard  di^ 

Secmd  800kB  3.5"  floppy  drive 
Sony  iKxxxhrome  monitor 

Delta  Data  Systems  Carp.  8700T-PC 

Columbia,  MD 

An  TTM  AT-conpatible  persOTial  computer  with  either  an 
80386  or  80286  bcised  plug-in  CEU  board  &  with  numer¬ 
ous  standard  features  &  options: 

Standard  Features: 

-  230W  Power  Si:pply  (110/220V,  50/60Hz) 

-  12-slot  Bae]q)lane 

-  Real  Time  Clook 

-  IWo  RS-232/MIL-188C  Serial  Ports 

-  One  Centronics-compatible  Parallel  Port 
Options: 

8700T-32  23Mz  80386  CEU  Plug-in  Board  with  SMB  Memory 

8700fIV-31  25mz  80386  CEU  Plug-in  Board  with  4MB  Memory 

8700T-23  16MHz  80386  CEU  Plug-in  Board  with  16MB  Memory 
8700r-22  16MHz  80386  CEU  Plug-in  Board  with  8MB  Memory 

8700T-21  16MHz  80386  CEU  Plug-in  Board  with  4MB  Memory 

8700T-13  16MHz  80386  CEU  Plug-in  Board  with  4MB  Memory 

8700T-12  16MHz  80386  CEU  Plug-in  Board  witii  2MB  Memory 

870ar-ll  16MHz  80386  CEU  Plug-in  Board  with  1MB  Memory 

8700T-02  8/12MHZ  80286  CEU  Plug-in  Board  with  4MB  Memory 

8700T-01  8/12MHZ  80286  CEU  Plug-in  Board  with  1MB  Memory 

T87-214  80387  Ooprocessor  for  80386  CEU  (25  MHz) 

T87-213  80387  Coprocessor  for  80386  CEU  (16  MHz) 

T87-211  80287  Coprocessor  for  80286  CEU 

T87-320  EEMS  1MB  Memory  Ejpansion  Board 
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T87-321 

CM-1440 

EM-1442/3 

EM-1444 

EM-1445 

EM-1450 

EM-1455 

EM-1411 

EM-1420 

EM-1940T 

EIA19-03/4 

E1A14-26 

EIA14-25 

El?a4-23 

ECy.4-21/4 

T87-180/1 

T87-190/1 

T87-130/1 

T87-135/6 

T87-145 

T87-150 

T87-155 

T87-140 

T87-120 

T87-710 

T87-720 

T87-730 

T87-172/4 

T87-176 

T87-170 

T87-510 

T87-400 

T87-070-2 

T87-420/1 

T87-410 

N87-110 

N87-111 

N87-112 

N84-008 

N87-101 


Model 

MUniber 


8700T-PG 

EEMS  2MB  Memory  E}q)ansion  Board 

14"  Multi-sync  EGA  Color  Monitor  (110/120V) 

14"  Multi-sync  EGA  Color  Monitor  (llOV  Only) 

14"  Multi-sync  EGVVGA  Color  Monitor  (110  Only) 
14"  Multi-sync  EGA/VGA  Color  Monitor 
(110/220V) 

14"  VGA  Color  Ifonitor  (110/220V) 

14"  Multi-sync  EGS^VGA  Color  Monitor 
(110/220V) 

14"  Monochrome  CRT  Monitor  (EC) 

14"  Monochrome  CRT  Monitor  (AC) 

19"  Hi^  Resolution  Color  Monitor 

1280  X  1024  Resolution  Video  Controller  (256 

Colors) 

VGA-compatible  Video  Adapter 

Video  Adapter  -  640  x  480  x  256  Colors 

Resolution 

EGA-ccmpatible  Video  Adapter 

Monochrome/Graphics  Video  Adapter 

1.2MB,  5-1/4"  Flofpy  Disk  Drive 

360kB,  5-1/4"  Flojpy  Disk 

1.4MB  3-1/2"  Floppy  Drive 

720kB  3-1/2"  Floppy  Drive 

330MB  Removable  Hard  Disk  Drive  (ESDI) 

110MB  Removable  Hard  Disk  Drive 
170MB  Removable  Hard  Disk  Drive 
80MB  Removable  Hard  Disk  Drive 
40MB  Removable  Hard  Disk  Drive 
Controller,  Flcppy/Hard  Disk,  ST-506 
Controller,  Flcppy/Hard  Disk,  ESDI 
Controller,  Cartridge,  SCSI 
44.5MB  Cartidge  Disk  Drive  with  SCSI 
Controller 

Dual  44.5MB  Cartridge  Disk  Drive  with  SCSI 
Controller 

20MB  Cartridge  Disk  Drive 

60MB  Streaming  Tape  Drive 

Serial/Parallel  Adapter 

3270  Coaxial  Emulation  I/O  Adapter 

4-port  Asynch  RS-232/MIL-188C  Adapter 

Synchronous  Serial  Port  (RS-232  or  MIL-188C) 

IAN  (Ethernet)  -  (DOS) 

IAN  (Ethernet)  -  Intelligent  (DOS) 

LAN  (Ethernet)  -  Intelligent  (UNIX) 

Ethernet  IAN  Transceiver  (Coaxial) 

Ethernet  IAN  Transceiver  (Fiber  Optic) 
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Nuniber 

(Continued) 

8700T-PC 

T87-080 

8765PCr-AT  Option  (80286  CHJ) 

T87-081 

8865PCT-AT  Option  (80386  CEU) 

T87-610 

Mouse,  3-button,  RS-232  Serial 

T87-612 

Mouse,  2-button,  HI-RES  Optical,  RS-232 
Serial 

KB-084T 

84-key  AT-ccsnopatible  Keyboard 

KB-IOIT 

101-Key  Enhanced  AT-compatible  Keyboard 

T87-620/1 

CAD  Package  Security  Device 

T87-625 

Data  Encryption  Board 

Delta  Data  Systems  Corp.  TOTE  PC 

Coliairibia,  MD 

Transportable  PC/XT  Conpatible  TEMPEST  Personal 
Ccsmputer 

Standard  features: 

8088  Central  Processing  Unit,  4.77MEIZ 
640kB  PAM 
6  Ej^ansion  Slots 
Electro-lximinescent  (EL)  Display 
PC-corrpatible  Keyboard 
360kB  Floppy  Disk  Drive 
10MB  Eemovable  Cartridge  Disk  Drive 
RS-232/MIL-188  Serial  I/O  Port 
Parallel  Printer  Port 
Rack  Mbmtable 


Hetra  Cortputer  &  Ccmm.  Ind.  105T 
Sebastian,  FL 
Personal  Conputer 
Special  Features: 

-  80286  Plug-in  Processor  6-lOMHz  with  80287  Math 
Co-processor 

-  64kB  RCM,  1MB  On-board  RAM 

-  360kB  or  1.2MB  Floppy  Drives 

-  20MB  and  40MB  Removable  Hard  Drives 

-  Monochrome  and  Color  Di^lay  Adapters 

-  Two  Serial  and  One  Parallel  IBM  PCAT  Canpatible 
Ports 

-  Detachable  101-Key  IBM  PCAT  Enhanced  Ke^x)ard 

-  12  Expansion  Slot  Backplane 

-  220  Watt  Power  Supply 
Options: 

-  Tbshiba,  Model  ND-322,  3.5"  Floppy  Disk  Drive 

-  ICMEGA,  Model  Beta  20,  Disk  Drive  with  Integrated 
SCSI  Controller 

-  ICMEGA  SCSI  Adapter,  Model  PC3/PC3B 

-  CPT  Corporation,  Model  BBGA,  Bridge  Board  Graphics 
Adapter 
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(Continued)  105T 

-  Western  Digital,  WD-1002-27X,  RLL  Hard  Disk 
Controller 

-  Seagate,  ST-238,  RLL  Disk  Drive 

-  Hetra,  286  Memory,  Memory  Expansion  Board 

-  IMAgrapii,  Advanced  Color  Graphics  Controller 

-  IMAgraph,  Switched  Enhanced  Graphics  Adapter 

-  Excelan,  Model  EXOS205,  Intelligent  Ethernet 
Control  Card 

-  CDC,  Model  94355,  Hard  Disk  Drive 

-  Microtek,  Model  MS-PCE,  Parallel  Interface  for 
Scanner 

-  Irwin,  Model  265,  Tape  Unit 

-  Hetra,  Model  80386,  Microprocessor  Board 

-  Harris/Lanier  Network  Interface  Card  188 

-  Everex,  Model  659A,  Video  Controller 

-  Seagate,  Model  ST-251-1,  Hard  Disk  Drive 

-  Irwin,  Model  285,  Tape  Unit 

-  Western  Digital,  Model  WD1003V-SM1,  Hard  Disk 
Controller 

-  Hetra,  Model  101-lT,  PCAT  Enhanced  Kei^ooard 

-  CPT,  Model  700250,  PCAT  Enhanced  Ke^iocard 

IBM  COrp.  4455 

Gaithersburg,  MD 

TPC  2  TEMPEST  Personal  Computer  (IBM  5160  PC  XT)  ; 
System  Unit  with  64kB  RCM,  256kB  RAM;  120  or  220  VAC, 
50  or  60  Hz.  TPC  Kei^ooard  II,  83  Ifeys,  English/ 
cyrillic. 

Options: 

256kB  RAM  Eopansion 

360kB  Diskette  Etive 

Second  360kB  Diskette  Drive 

10MB  Fixed  Disk  Drive 

TWO  5MB  Internal  Removable  Hard  Disks 

8087  CO-Processor 

MIL  STD  Ccrnmunications  Adapter 

Asynchronous  Ccmitiunications  Adapter 

SDLC  Ccminunications  Adapter 

3278/79  Emulation  Adapter 

Parallel  Printer  Adapter 

Monochrome  Display  and  Printer  Adapter 

Color  Graphics  Monitor  Adapter 

Downloadable  Character  Di^lay  and  Printer  Adapter 

Advanced  MCL-STD  Ccrantunications  Adapter 

External  EXoal  Hard  Disk  Drives 

External  Tape  Backi^)  Unit 

Improved  Downloadable  Character  Display 

Printer  Adapter 
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132  Cliaracter  Capability 
Two  10MB  Internal  Removable  Hard  Disk  Drives 
Model  4451  TPC  Display  I 
Model  4451-4  TPC  Display  I 
Model  4453  TPC  Color  Di^lay 

IBM  Corp.  4459 

Gaithersburg,  MD  „ 

TPC  4  TEMPEST  Personal  Ccajoputer  (TEMPEST  IBM  5170  PC 
AT) ;  System  Unit  with  64kB  PCM,  512kB  RAM;  120  or  220 
VAC,  50  or  60  Hz.  TPC  Keyboard  IV,  84  Keys 
Options: 

128kB  RAM  Ej?)ansion 

Three  512kB  RAM  Expansions 

1.2MB  Diskette  Drive 

20MB  Fixed  Disk  Drive 

Second  20MB  Fixed  Disk  Drive 

30MB  Fixed  Disk  Drive 

40  MB  Fixed  Disk  Drive 

Two  10MB  Internal  Removable  Hard  Disks 

80287  Co-Processor 

MIL-STD  Coraraunications  Adapter 

Serial/Parallel  I/O  Adapter 

Enhanced  Gra^Aiics  Adapter 

Monochrome  Display  and  ITinter  Adapter 

Hercules  Graj^ics  Adapter 

360kB  diskette  drive 

Model  4451-11  TPC  Di^lay  I 

Model  4461-2  TPC  Color  Display  III 

International  Tech.  Corp.  ITC  P386-^ 

McLean,  VA 

16Mhz  80386  based  personal  ccsotpiter  with  80287 
co-processor,  ei^t  eJ5)ansion  slots,  512kB  RAM  and 
built-in  serial  and  parallel  printer  ports,  and 
101-key  keyboard. 

ITC-CD-8513  Color  Di^lay  Ifonitor 

ITC-CDA-VGA  VGA  Color  Display  Adapter 

ITC-ME-2  2MB  Memory  EJ^ansion  Card 

SMB  Ifemory  Ej^ansion  Card 
ITC-DC-1  Disk  Controller  Adapter 

rrc-FD-1  1.2MB  Half-Hei^t  Floppy  Drive 

ITc-rfd-30  30MB  Removable  Hard  Drive 

ITC-RFD-120  120MB  Removable  Hard  Drive 

rrc-TB-40  40MB  Bacdo^)  Tape  Drive 

TTC-SEC-l  ISAC  2200  Encryptor  Board 

nC-IAN-lO  Fiber  Optic  10-NET  IAN  Adapter 

TTC-MDUSE  2-T  Microsoft  Mouse 
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ITC-SP-1  Serial  Communications  Card 

ITC-IU-1  Advanced  Communication  Card 

ITC-DC-2  Disk  Controller  Adapter 

Computer,  Personal  International  Teoh.  Corp.  ITC  PS2-30-T 

McLean,  VA 

Stand-alone  personal  computer  system  with  a  lOMHZ 
clock,  serial/parallel  ports,  540kB  memory,  3  expan¬ 
sion  slots  &  keyboard 
Options: 

ITC-PS2-MC  30  Math  Coprocessor 

ITC-PS2-MDUSE  Mouse 

ITC-PS2-RD-30  Removable  20MB  formatted  hard  drive 
ITC-PS2-FD-30  to  2  720kB  floppy  drives 

ITC-PS2-3278  3278/79  Emulation  Adapter 

ITC-ES2-A2  Single  Async  Comm  Port  Card 

ITC-PS2-MD  8503  12”  Monochrome  Display 

ITC-PS2-CD-1  8513  12"  Color  Display 

ITC-PS2-CD-2  8512  14”  Color  Di^lay 

Computer,  Personal  International  Tech.  Corp.  ITC  PS2-50-T 

McLean,  VA 

ITC-PS2-50-T  Stand  Alone  Personal  Computer  System  with 
a  lOMHZ  clock,  serial/parallel  ports,  1MB  RAM,  three 
ejq)ansion  slots  and  keihoard. 

lEM  PS2  model  50  all  options  IBM  equipanent  except 
Rodine  Model  3045,  3055  Hard  Drives  and  Tecmar  Memory 
Board. 

Options: 

ITC-PS2-MC  Math  Coprocessor 

ITC-PS2-ME  Memory  Ej^jansion  Card  (8MB  memory) 

ITC-ES2-Mouse  Mouse 

ITC-PS2-RD  Two  Removable  hard  drives;  45MB  or 

55MB  unformatted 

ITC-PS2-FD  Floppy  drives  i:p  to  two  1.44MB  drives 

ITC-PS2-DC  Hard  Disk  Controller  Card 

ITC-PS2-AS  IXial  Async  Ccmm  Port  Card  • 

ITC-PS2-MD  8503  12”  Monochrome  Display 

ITC-PS2-CD-1  8513  12”  Color  Display 

ITC-PS2-CD-2  8512  14”  Color  Di^lay 

ITC-PS2-50-EIHERNET  ETHERNET  Adapter  Card 
ITC-PS2-50-3270  Terminal  Emulation  Adapter  Card 

ITC-EFD-50  5-1/4”  Hi^  Density  Flexible  Mass 

Storage  System 
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Manufacturer 
City,  State 
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Mbdel 

Number 


Ccmpater,  Personal 


Ccffcputer,  Personal 


Canputer,  Personal 


UNISYS  Corp.  T3143-82 

Salt  Lake  City,  UT  , 

PC/HT  100  with  16-bit  Intel  8088  microprocessor  (Model 
200  with  required  feature  F4773-97  installed)  includes. 
Monochrome  itonitor;  256kB  of  RAM  memory  expanc^le  to 
640kB;  one  5-1/4”,  3601^  flexible  diskette  drive;  one 
RS-232-C  asynchronous  interface. 

Required  features:  j  • 

F4773-97  One  5-1/4",  1.2MB  flexible  diskette  drive 

F4911-99  EMC  HI  keyboard 
Selectable  features: 

F4218-00  Intel  8087  Math  co-processor 
F4688-00  256  kB  Memory  e>5)ansion  board 
F4687-00  128kB  Memory  expansion  board 
F5058-00  384kB  Memory  exp^ion  board 
F4910-99  HC  Sync.  Comm,  interface  (Uniscope) 

F5108-00  Tri-port  serial  interface 
F8495-00  Tri-port  serial  interface  cable 
F4819-00  Tilt  rotate  base 
C5181-XX  Power  cord  selections 

UNISYS  Corp.  T3143-88 

Salt  Lake  City,  UT  .  ,  .  o  4. 

PC/HT  Ifodel  300  Personal  Conputer  includes:  System 
processor,  hi^i— resolution  color  inonitor,  256kB  of 
RAM  memory  expandable  to  640kB,  one  5-1/4",  360kB 
flexible  diskette  drive,  one  RS-232-C  asynchronous 
interface. 

Required  Features: 

F4774-00  One  5-1/4",  360kB  flexible  diskette  drive 
F4911-99  EMC  HT  keihoard 
Selectable  Features: 

F4688-00  256kB  Memory  ej^jansion  board  OR 
F5058-00  384kB  Memory  ejqansion  board 
F5108-00  Tri-port  sericil  interface 
F8495-00  Tri-port  serial  interface  cable 
F4217-01  Tilt  rotate  base 
C5181-XX  Pcwer  cord  selections 

Wang  Labs,  Inc.  APC-IM46T 

Irwell,  MA  _ 

tempest  Advanced  Professional  Ipgrades,  PC  CEU  to  APC 
CPU  board  and  disk  drives.  The  75rc-T  can  be  upgraded 
to  XAPC-SxT  TEMPEST  Advanced  Professional  Cortput^ 
with  this  optional  CPU  card  and  associated  APC  disk 
drive  options  with  oxjntroller  card 
Options: 

APC-FM29T  APC  Winchester  Controll^ 

APC-EM23T  20MB  Fixed  Winchester  Disk  Drive 
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Mtniber 


Manufacturer 
City,  State 
Description 

(Continued)  APC-IM46T 

APC-FM2eT  67MB  Fixed  Windiester  Disk  Drive 
APC-IM24T  10MB  Fixed  Winchester  Disk  Drive 
APC-IM33T  1.2MB  Floppy  Diskette  Drive 

Conputer,  Personal  Wang  Labs,  Inc.  PC-XC1-3T 

Lowell,  m. 

Professional  Oonputer  with  8  slots,  512kB  memory, 
single  360kB  diskette  drive,  LEM  emulation  card, 
monitor,  ke^x>ard,  MS-DOS  and  interpretive  basic. 
I^jgradeable  to  PC-XCx-3T-series  PC  and  XMC-SxT- 
series  APC  configurations.  Accredited  in  multiple 
language  character  set  versions  in  addition  to  the 
standard  versions. 

Options: 

75PC-EM02T  Graphics  Card 

75PC-IM20T  3601®  Diskette  Drive 

75PC-IM21Ar  10MB  Fixed  Di^  Drive 
75PC-IM21cr  10MB  Removable  Di^  Drive 
75PC-IM30T  128kB  Memory  E^qansion  Card 

75PC-EM31T  256kB  Memory  E}q>ansion  Card 

75PC-IM32T  512kB  Memory  Ebqansion  Card 

75PC-IM33T  Upgrade  from  128kB  CEU  Card  to 

512kB  CEU  Card 

75PC-IM40T  Remote  TC  Option 

75PC-IM42T  Multiport  Communications  Option 

75PC-IM100T  Reylook  OtVOff  Switch 
75PC-^iCUSE-T  PC  Mouse 

75PC-PSDr  Printer  Sharing  Device 

75PC-EM141-CiA-T  OIS/Allianoe  Local  Communications 
Card 

75PC-EM141-VS-T  VS  Local  Conraunications  Card 
OT1-RM75PC-20T  20MB  Docking  Di^  Drive 
m-75PC-PCI-T  Pd  Interface 

Computer,  Personal  Wang  Labs,  Inc.  PC-XC2-3T 

Lcwell,  MA 

Professional  Computer  with  8  slots,  5121®  memory, 
ducil  601®  diskette  drives,  lEM  emulation  card, 
monitor,  ke!^x>ard,  MS-DOS  and  interpretive  basic. 
Upgradeable  to  PC-XCx-3T,  series  PC  and  xaPC-SXT 
series  APC  configurations.  Accredited  in  multiple 
language  character  set  versions  in  addition  to  the 
standard  versions.  Options  ^plicable  to  the 
PC-XC1-3T  PC  are  also  c^licable  to  the  PC-XC2-3T 
PC. 
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Hodel 

Ntnber 


Oanputer,  Personal 


Oarputer,  Personal 


Coraputer,  Personal 


Hanufacturer 
dty.  State 
Dee^ption 

Wang  Labs,  Inc.  PC-XC4-3T 

Lcwell, 

Professloncil  Ccnputer  vdth  8  slots,  512kB  manory, 
single  360kB  diskette  drives,  10MB  removable 
Winchester  disk  drive,  JEM  eiailation  card,  monitor, 
k^ooard,  MS-DOS,  and  interpretive  basic. 

Upgradeable  to  PC-XCx-3T,  series  PC  and  XAPC-S^ 

APC  series  configurations.  Accredited  in  multiple 
language  character  set  versions  in  addition  to  the 
standard  versions.  Options  applicable  to  the 
PC-XC1-3T  PC  are  ailso  ^plicable  to  the  PC-XC4-3T 
PC 

Wang  Labs,  Inc.  PC280-1AT 

Lowell,  MA 

TPM  PC/AT  oorapatible  professional  ccnputer  with  8 
slots,  640kB  memory,  360kB  single  diskette  drive, 
monitor  card,  flcppy  di^  controller,  seriel/parallel 
ports,  cables  and  keyboard.  Hiis  system  is  rpgradeable 
to  other  PC-280xt  series  product  configurations  and  is 
accredited  in  multiple  language  charac^  set  versions 
in  addition  to  standard  versions.  Optional  products 
ijnder  the  PC280-1T  are  also  optional  products 
for  the  PC280-lAr 

Wang  Labs,  Inc.  PC280-1T 

Lcwell,  MA 

TPM  PC/AT  conpatible  professionail  ccnputer  with 
8  slots,  640kB  memory,  1.2MB  single  diskette  drive, 
monitor  card,  floppy  disk  controller,  serial/parallel 
ports,  cables  and  ke^xard.  Uiis  s;^tem  is 
vpgradeable  to  other  PC-280xT  seri^  product  config¬ 
urations  and  is  accredited  in  multiple  language 
character  set  versions  in  addition  to  standard 
versions. 

Options  to  this  product  include: 

DSK-0012-PC2T  1.2MB  Diskette  Drive 

DSK-0360-PC2T  360]<S  Diskette  Drive 

MEM-0001-PC2T  512kB  Extended  Memory  Board 

SIM-0001-PC2T  512kB  Espansion  Model  for 

MEM-0001-PC2T 

OCM-0001-PC2T  Sync/l^sync.  Cteniraunications  Board 
VS^WIDC-PC2T  VS  Local  Ooniraunications  Cption 

Board 

OIS-^WIDC-PC2T  OIS  Local  Ccmraunications  Option 
Board 

HDD-3401-PC2T  34MB  Full  Hei^t  Fixed  Disk  Drive 
HIX5-6801-PC2T  67MB  Full  Hei^t  Fixed  Disk  Drive 
M1IH-0287-PC2T  80287  Co-processor  Cllip 
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Manufacturer 
City,  state 
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Model 

Number 


Ccarputer,  Personal 


Cortputer,  Personal 


(Continued)  PC280-1T 

MCW-1240-PC2T  Monochrome  Monitor 

AFM-0001-PC2T  Monochrome  Monitor  Arm 

FIS-0001-PC2T  Floor  Stand 

REM-2001-PC2T  20MB  Docking  Disk  Drive 

REM-0001-PC2T  20MB  Replacement  Disk  Drive 

MM-DIR-PC2T  512kB  Board  with  Direct  Memory 

SIM-DIR-PC2T  512kB  l^jgrade  with  Direct  Memory 

DSK-0720-PC2T  720kB  Floppy  Disk  Drive 

VDC-0001-PC2T  Ctolor/Monochrcme  Monitor  Card 

configured  PC280-1T  systems  include: 

280-OIS-T  CIS  Archiving  Workstation  consisting  of 
PC280-1T  with  OIS-WIDC-PC2T  Local  Comtnurii  nations 
Board 

280-VS-T  VS  Archiving  Workstation  consisting  of 
PC280-1T  with  VS-WIDC-PC2T  Local  Comraunications 
Board 

Wang  Labs,  Inc.  PC280-2T 

Lowell,  MA 

IBM  PC/AT  ccaipatible  professional  cortputer  with  8 
slots,  640kB  memo:^,  1.2MB  single  diskette  drive, 

360kB  diskette  drive,  monitor  card,  floppy  disk 
controller,  serial/parallel  ports,  cables  and  key- 
boarf.  Ihis  system  is  \pgradeable  to  other  PC-280xT 
seri^  product  configurations  and  is  accredited  in 
multiple  language  character  set  versions  in  addition 
to  stardard  versions.  Optional  products  listed  under 
the  PC280-1T  are  also  optional  products  for  the 
PC280-2T 
Options: 

YT1-MCX4-1640-T  16"  Monochrome  Monitor 

tempest  Intelligent  200  DPI  Video  Controller 

Wang  Labs,  Inc.  PC280-4T 

Lowell,  MA 

Ihe  PC-280-4T  is  an  IBM  PC/AT  Compatible  PC  with  8 
ejqpansion  slots,  640kB  memory,  a  1.2MB  diskette  drive 
and  a  20MB  docking  disk,  monitor  card,  floppy/disk 
controller,  parallel/serial  ports,  cables  and  keyboard. 
Ihis  series  is  ipgradeable  to  other  PC-280-T  series 
products  and  is  accredited  in  multiple  language 
character  set  versions  in  addition  to  the  standard 
versions. 

Options  for  the  PC-280-3T  include: 

75PC-EM200T  8PFM  Desktop  Laser 

EM018T  60  DPS  Daisy  Printer 

75PC-FM16T  PC  RS— 232-C  Dai^  Printer 

750C-FM16T  160  CPS  Printer 
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Catputer,  Personal 


Manufacturer 
city,  state 
Description 

(Continued) 

FLP-0002-PC2T 

FLP-0001-PC2T 

PEM-2000-PC2T 

MEM-0001-PC2T 

SIM-0001-PC2T 

OCM-0001-PC2Tr 

\^-WlJDC-PC2T 

0IS-WIDC-PC2T 

HIX)-3401-PC2T 

HEO-6801-PC2T 

MIH-0287-PC2T 

10^-1240-PC2T 

APM-0001-PC2T 


PC280-4T 

1.2MB  Diskette  Drive 
360kB  Diskette  Drive 
20MB  Removable  Disk  Drive 
512kB  Extended  Memory  Board 
512kB  Expansion  Module  for 
MEM-0001-PC2T 

Sync/Async  Ccsrimunications  Board 
for  PC2 

VS  Local  Ccaranunications  Option 
(S/W  inc) 

OIS/Alliance  Local  Comm  Option 
(S/W  inc) 

34MB  full  Hei^t  Fixed  Disk  Drive 
68MB  Full  Hei^t  Fixed  Disk  Drive 
80287  Coprocessor  Chip 
Monochrome  Monitor 
Monochrome  Monitor  Arm 


Wang  labs,  Inc.  PC381-T/PC382-T 

Lowell,  MA 

The  PC381T  and  PC382T  are  80386  microprocessor-based 
PCs  with  a  9-slot  chassis.  The  PC381T  has  a  system 
clock  capable  of  running  at  8  or  16MHz  vhile  the 
PC283T  is  capable  of  running  at  an  8  or  20  MHZ  clock 
rate.  Memory  configurations  are  available  from  IMB  up 
to  16MB  per  memory  board,  and  can  be  configured  in 
256kB  or  IMB  increments.  Several  floppy  choices  are 
available  such  as  360kB,  720kB,  1.2MB,  and  1.44MB.  A 
removable  20MB  is  also  orderable  and  to  two  can  be 
configured  per  system.  On  the  CEU  board  there  is  one 
parallel  and  two  serial  ports  as  well  as  a  socket  for 
an  80387  co-processor.  The  PC381T  or  PC382T  can  also 
be  ordered  as  an  v:pgrade  to  the  Wang  TEMPEST  PC28PT 
product  line.  Multiple  keihoards  are  available 
including  country  specific  configurations.  Model 
numbers  and  descriptions  for  the  above  PC  products 
follow: 

Yn-PC381-2FMr  16MHz  CHJ,  IMB  Ifemory,  1.2MB  FLP, 

20MB  REM  and  Disk  Controller 
YTl-PC382-2RMr  20MHz  CHJ,  2MB  Memory,  1.2MB  FLP, 

20MB  REM  and  Disk  Controller 
YT1-PC381-1T  16MHz  CEU,  1MB  Memory,  1.2MB  FLP, 

360kB  FLP  and  Disk  Controller 
Yn-PC382-lT  20MHz  CEU,  IMB  Memory,  1.2MB  FLP, 

360kB  FLP  and  Disk  Controller 
Yn-PC381-CEUT  16MHz  CEU,  All  Memory  and  Options 

Sold  Separately 

Yn-PC382-CPUT  20MHz  CEU,  All  Memory  and  Options 
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Corputer,  Personal 


Manufacturer 
City,  State 
Description 


(Continued) 

Yn-PC280^1T 


m-381-VB-l 


YT1-UJH-381T 

YT1-UJI1-382T 

YT1-SIM-2-PC3T 

Yn-SIM-1-PC3T 

YT1-MEM-03-PC3T 

YTHy[EM-04-PC3T 

YTH^aH-16-PC3T 

YT1-MIH-20-PC3T 

Yn-HEO-42-PC2T 

YTl-724/KH>-XX-Xr 

YTl-723/KH>XX-Xr 

PC2T-CK-XX 

YT1-HEO-01-PC2T 

iym-1240-PC2T 

MCaj-1450-PC2T 

YT1-EEM-80-PC2T 

YT1-SCN-01-PC2T 


PC381-T/PC382-T 
Sold  Separately 

PC280-T  with  640kB  Memory,  All  Other 

Disk  Video  and  Ke^iDoard  Options 

Ordered  Separately 

381  with  1MB  Memory,  Archiving  1.2MB 

Drive  and  Host  Connection  for  VS/OIS/ 

ALLIANCE 

16MHz,  80386  CPU,  with  1MB  RAM  Upgrade 
Kit  for  280^ 

20MHz,  80386  CPU,  with  1MB  RAM  Upgrade 
Kit  for  280-T 

IMB  RAM  Modules,  256kB  Increments 
4MB  RAM  Modules,  1MB  Increments 
1MB  Memory  Board  (256kB  Increments) 

4MB  Memory  Board  (1MB  Increments) 

80387  Co-processor  for  16MHz 
80387  Co-processor  for  20MHz 
42MB  Fixed  Drive 
TEMPEST  724  Keyboard 
TEMPEST  723  Keit)oard 
TEMPEST  723  Country  Kit 
ST-506  Controller 
12"  Monochrome  Monitor  (EGA) 

14"  Color  Monitor 
80MB  Docking  Disk  Drive 
Scanner  Controller  Card 


Wang  Labs,  Inc.  XAPC-SIT 

Lcwell,  MA 

Advanced  Professional  Corrputer  with  8  slots,  512kB 
memory.  1.2MB  diskette  drive,  keit)oard,  MS-DOS,  and 
interpretive  basic.  Accredit^  in  multiple  language 
character  set  versions  in  addition  to  standard 
versions. 


Options  to  this  product  include: 


APC-PM23T 

APC-EM25T 

APC-PM29T 

APC-EM36T 

APC-PM51T 

APC-IWST 

APC-EM08T 

75PC-PM04T 

75PC-PM01T 

APC-IM26T 

APC-FM24T 


20MB  Winchester  Disk  Drive 

30MB  Winchester  Disk  Drive 

APC  Winchester  Controller 

10MB  Winchester  Disk  Drive 

512kB  Memory  l^jgrade 

IWS' monitor,  25'  cable 

CGI  card  with  keycaps  and  IBM  emulation 

7500T  PC  Monochrome  di^lay 

7500T  PC  tfonitor  card 

67MB  Winchester  disk  drive 

10MB  Removable  Winchester  disk  drive 
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Ccmpiter,  Personal 


Coiputer,  Personal 


Conputer,  Personal 


Conpiter,  Personal 


Manufacturer 
city.  State 
Description 

(Continued) 

APC-PM34T 

APC-IM35T 

200-1124 


Model 

Muniber 


XAPC-SIT 

1.2MB  Diskette  Drive 
360kB  Di^tte  Drive 
80287  CO-prooessor  Chip 


Wang  Labs,  Inc.  XAPC-S2T 

Lcwell,  MA 

Advanced  Professioncil  Ccxtpiter  with  8  slots,  512kB 
memory,  1.2MB  diskette  drive,  20MB  Fixed  Winchester 
Drive,  keyboard,  MS-DOS,  and  interpretive  basic. 
Accredited  in  multiple  language  character  set  versions 
in  additicffi  to  standard  versions.  Cptional  products 
under  the  XAPC-SIT  are  also  cptional  products 
for  the  XAPC-S2T 


Wang  Labs,  Inc.  XAPC-S3T 

Lcwell,  MA 

Advanced  professional  Conpiter  with  8  slots,  512kB 
memory,  1.2MB  diskette  drive,  67MB  Fixed  Winchester 
Drive,  ke^xiard,  MS-DOS,  and  interpretive  basic. 
Accredited  in  multiple  language  character  set  ver¬ 
sions  in  addition  to  standard  versions.  C^tional 
produchs  listed  under  the  XAPC-SIT  are  also  cptional 
products  for  the  XAPC-S3T 


Wang  Labs,  Inc.  XAPC-ST 

Lcwell,  MA 

Advanced  Professional  Coipiter  with  8  slots,  512kB 
memory,  single  360kB  diskette  drive,  ke^xiard, 

MB-DOS,  and  interpretive  basic.  Accredit^  ^  . 

multiple  language  character  set  versions  in  addition 
to  standcird  versions.  Optional  products  listed  under 
the  XAPC-SIT  are  also  cptional  products  for  the 
XAPC-ST 


Zenith/INTBQ,  INC.  ZVC-0003-AA 

Herndon,  VA 

IBM  PC  AT  Ccmpatible  Personal  Ccmpiter. 
Standard  Features: 

MS-DOS  Cperating  System 
8MHz  80286  Processor 
512kB  RAM 

Color  Graphics  Adapter 
Two  Parallel  Ports 
Two  Asynchronous  Serial  Ports 
One  Asynchroncius/Synchronous  Serial  Port 
Real  Time  Clack 
Options: 

OVra  360kB  5-1/4”  Flcpjy  Disk  Drives 
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(Continued)  ZVC-0003-AA 

Two  1.2MB  5-1/4"  Flc^jpy  Disk  Drives 
Two  1.4MB  3-1/2”  Microflc^^py  Disk  Drive 
Oie  360kB  5-1/4"  and  One  1.2MB  5-1/4"  Floppy  Disk 
Drives 

One  360kB  5-1/4"  Flc^:^  Disk  Drive  and  One  1.4MB 
3-1/2”  Microfloppy  Disk  Drive 

One  1.2MB  5-1/4”  Flc^y  Disk  Drive  and  One  1.4MB 
3-1/2"  Microfloppy  Disk  Drive 
One  53MB  Removable  Hard  Disk  Drive 
Two  53MB  Removable  Hard  Disk  Drives 
ZVM-122T  OGA  Monochrome  Monitor 

ZVM-133T  C3GA  Color  Monitor 

ZTA-549  Adapter  (Required  for  VGA  Monitor) 

IG-7-T  Three  Button  Mouse 

ZCM-1490-T  VGA  Color  Monitor 

AT  Compatible  84-key  KeiiDoard 
ZTA-lOl  AT  Compatible  101-key  Ke^^xsard 

80287  Math  Coprocessor 

ZT-425-1  1.1/1. 5MB  RAM  Expansion 

5/3/91:  Comapny  notified  by  letter  of  suspension  due 
to  failure  to  provide  Annual  Equipment  Inventory 
Report.  Product  will  appear  in  Section  IV  of  July  1991 
PPL. 

05/08/91:  Received  the  Annual  Inventory  Report  on  7 
May  1991.  The  product  will  now  be  moved  back  to 
Section  II  of  the  July  1991  PPL. 

Ccmputer,  Portable  GEdD  Systems  Corp.  1307 

Framont,  CA 

Portable  ocmputer  featuring:  16-bit  microprocessor 
and  optional  coprocessor;  640  kB;  3-1/2"  720kB 
floppy  disk  drive;  electroluminescent  flat  p)anel 
di^lay;  asynchronous,  synchronous,  centronics,  and 
GPIB  interfaces 
Option; 

Model  3407  3.5”  Diskette  Drive 

Control  Unit  Dataproducts  New  England  MC3-188/114 

Walli^ford,  CT 

Milti-Channel  Crypto  Controller  with  188/114  Interface 

Control  Unit  Titan  Corporation  BASIQ-1821-T 

Vienna,  VA 

Ccammunications  Controller 
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MUEDiber 


Digitizer 


Digitizer,  Tablet 


Disk  Drive 


Disk  Drive 


Disk  Drive 


Disk  Drive 


Disk  Drive 


Manufacturer 
City,  State 
Description 

Ilex  Systems,  Inc.  VDC  4824T 

Milpitas,  CA 
Voice  Digitizer 
Options: 

96  (suffix)  -  9600  tp/s  Transmission  Speed 
Shielded  Cable  Interface  Adapter  Kit  for  the 
above  models 

Datawatch  Corp.  DAIAWATCH  1201 

Wilmington,  MA 

tempest  Gr^iiics  Digitizing  Tablet  for  use  with 
graphics  workstations  and  personal  ccmputers. 

Features; 

Four-button  cursor  for  hi<^  accuracy  tracing 
stylus  for  freehand  drawing 

110  volt/60  Hz  or  230  volt/50-60  Hz  power  supplies 

Datasec  Corp.  DSD-210 (220) 

Wilton,  NH 

Disk  Drive  storage  device  with  an  SCSI  interface. 

Ihe  DSD-210  contains  two  8”  cartridge  drives  that 
can  each  accept  one  10MB  Bernoulli  cartridge  (total 
capacity  of  20MB) .  The  DSD-220  contains  two  8” 
cartridge  drives  that  can  each  accept  one  20MB 
Bernoulli  cartridge  (total  capacity  of  40MB) . 

(OEM  is  ICMega  Corp.) 

(^tion: 

Macintosh  Interface 

Wang  Labs,  Inc.  2269V-3T 

Lowell,  MA 

7IMB  Portable  Disk  Drive 

Wang  Labs,  Inc.  2269V-4T 

Lowell,  MA 

Optional  142MB  Portable  Winchester  Drive  for  use  with 
the  VS5T  and  VS6T  Systems 

Wang  Labs,  Inc.  7565-2T 

Icwell,  MA 

OIS/Alliance  275MB  Removable  Disk  Drive 

Wang  Labs,  Inc.  7565V-2T 

Lowell,  MA  .... 

VS  288MB  Removable  Disk  Drive,  Disk  switch  cption  is 

SW04-1  (VS  only) 
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Model 

Mlanber 


Manufacturer 
aty,  state 
Description 

Disk  Drive  Wang  Labs,  Inc.  Yri-7595(V)-CxT 

Lcwell,  M?^ 

A  modular  di^  drive  cabinet  assembly.  It  is  composed 
of  a  7595-CxT  cabinet  with  a  maximum  of  2  drives  to  be 
installed.  Cabinet  modules  can  be  stacked  to  3 
modules  hi^.  A  cabinet  base  (DSC-BT)  is  required  for 
single  or  stacGced  cabinet  modules.  Each  module  has  2 
individucd  drive  cavities  that  can  be  accessed  independently 
or  ccamected  serially  by  external  I/O  A  and  B  disk  drive 
cables.  The  Yn-7595(V)--Ckr  can  accomodate  either  1  or  2 
80MB  disk  drives  or  1  or  2  452MB  di^  drives.  Model 
numbers  are  as  follows: 

DSC-BT  Modular  disk  storage  cabinet  base  unit. 

7567V-1T  Optiaial  80MB  Removable  Storage  Drive.  This 
drive  offers  72MB  formatted  capacity  and 
is  compatible  with  VS  CEUs.  Disk  Switch 
is  SW04-2T  (VS  only) . 

7567-lT  Optional  8(»1B  RSD  Disk  Drive  with 

removable  di^  pack,  compatible  with 
OIS/Alliance  CEUs. 

m-2268V-4T  Optional  452MB  Fixed  Storage  Drive.  Ihis 
drive  offers  452MB  formatted  capacity. 
Yn-7595V-C1T  One  7595-C>d?  cabinet  and  one  7567V-1T 
8QMB  disk  drive. 

Di^lay  Candes  Systems,  Inc.  2019T 

Harleysville,  PA 

19”  Color  Monitor,  29  to  37KHz  scan  rate,  1080  ly 
1024  pijffil  resolution 

Di^lay  Candes  Systems,  Inc.  2119T 

Harle^ille,  PA 

Ultra  Hi^  Resoluticai  Color  Mcaiitor,  1280-1024  (non 
interlaced)  with  64KHZ  Horizontal  Scan  Rate 
Optiois; 

RASTER  OPS  Driver  Card 
Auto-Trak  Mode 

Di^lay  Datasec  Corp.  DSM-120 

Wilton,  NH 
Monochrome  Mcaiitor 

Di^lay  Hetra  Ccmputer  &  Ceram.  Ind.  4902T 

Sebastian,  FL 
12”  Monochreme  Mcwiitor 
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Eguipnent  Category 


Di^lay 


Di^lay 


Display 


Facsimile 


Mzmufacturer  Model 

city,  state  Ntmiber 

Description 

Mit^  Systems,  Inc.  T5119 

Sterling,  VA 

19-inch  Hi^  Resoltition  Color  Mcaiitor 
Options: 

T5119-1  Maximum  Resolution  1024  x  1280  Pixels 
T5119-3  Ifeximum  Resolution  1024  x  768  Pixels 

Wang  labs,  Inc.  75PC-RM101T 

Irwell,  MA 

Professional  Oonputer  Wang/IEM  Emulation  Monochrcme 
Monitor  Option 

Wang  Labs,  Inc.  MDN-1450-PC2T 

Lowell,  MA 

Professional  color  monitor 
Features: 

Medium  resolution  14”  (13”  viewable)  di^lay  color 
Graphics  &  character  c^jabilities  (for  PC280-XT  & 
PC380-xr  series  professional  ccrapiters) 

Supports  many  of  today's  most  popular  software 
packages  &  industry  standard  modes  including: 

-  enhanced  graphics  (EGA) 

-  color  grcphics  (OGA) 

.31  mm  dot  pitch  gives  a  resolution  of  ip  to  800 
X  600  pixels  on  a  screen  that  yields  an  80-column  by 
25-row  display 

Integral  base  has  a  tilt  range  from  5  degrees  fopjard 
to  15  degrees  bacikward,  along  with  a  180  degree  swivel 
rotation  for  greater  flexibili"^  &  viewing  comfort 
Side  panel  controls,  vhich  are  design^  to  provide 
easy  access  &  enhanced  di^lay  quality  including: 

-  On/Off 

-  Horizontal  Positioning 

-  Vertical  Positioning 

-  Bri^tness 

-  Contrast 

Rear  panel  switches  provide  controls  for  the  following: 

-  Over  Scan 

-  Preset  Cancel 

-  Analog/TTL  irputs 

Cryptek,  Inc.  TS-10 

Herndon,  VA 

Digital  Facsimile  Transceiver 

Designed  for  wide  range  of  operating  environments. 

CCMSEC  Supported:  H3-13,  H3-30,  Kf-57/58,  KY-68/78,  KG-84 

Family,  STU-II,  SlU-III,  and  others. 
Programmable  Crypto  Resync. 

Interface:  RS232,  RS449,  MrL-STD-188-114,  others. 
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Manufacturer 
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Description 

(Continued)  TS-10 

Modems  Sv^ported:  V.22,  V.27,  V.29,  V.32,  others. 

Data  Rates:  1.2  Wps  to  32.0  kbps  synchronous,  ip  to 
19.2  kbps  asynchronous. 

Oaranunications  Error  Tolerance:  Ip  to  5  x  10-2  BER. 

Radio  Si^port:  HF,  VEJF,  UHF,  UHF  Satellite,  others. 

Data  Sense  Tolerance:  Normal  and  inverted.  No  image 

retention. 

Protocols:  MIL-STD-188-161A,  Type  1,  STANAG  5000 
IVpe  1  and  others  (See  below) . 

Modes:  Unccsrpressed,  Ccmp.,  Cc^.  with  EEC. 

Formats:  B/W,  halftones,  and  others  (See  Below) . 
Resolutions:  200  x  200,  200  x  100,  &  100  x  100  cpi. 
Original  Document:  Width  ip  to  11.7"  (A3)  with  auto 

reduction  to  8.5"  (A4) . 

Printing:  Thermal,  auto  paper  cut,  100m  roll. 

Auto  Document  Feed:  30  page  capacity. 

Reports:  Transmit,  Receive,  activity,  and  others. 

Power:  115  VAC  standard. 

MIL-STD-188-161  &  STANAG  Type  II:  4,  8,  &  16  level  Gray 

Scale  option.  Model  1070. 
Standard  01  &  02  synchronous  protocols,  standard. 
Non-standard  01,  02,  &  03  synchronous  protocols  option. 
Model  1025. 

Non-standard  04  &  05  asynchronous  protocols  option. 

Model  1026. 

CCm  G3  ccmmercial  fax  option.  Model  1042. 

Facsimile  Mitek  Systems,  Inc.  850T 

San  Diego,  CA 

Digital  Facsimile  Transceiver 

Interface  Types:  RS-232C  Asynchronous  (300b/s  - 

19.2Wo/s)  and  Synchronous  (2.4kb/s  -  9.6kb/s) 

Scaimiing  Method:  Flat  Bed  Solid  Image  Sensor  (CCD 
Array) 

Recording  Method:  High  Speed  Thermal  Printer  (196  x 
204  Ipi  maximum) 

Operational  Modes:  ASCII  Terminal,  Ttext  Printer,  and 
Copy 

Special  Features:  R-3312/TA,  GFE  Crypto  (including 
STU-III,  Stetistical  Multiplexer,  X.25  Pad,  and  Digital 
PBX  CCTtpatible.  Document  storage,  retrieval,  and  dis¬ 
tribution  throu^  PC  based  software.  Halftone,  Con¬ 
trast,  and  Resolution  control.  Auto-Dial  and  Polling 
capabilities. 

Dimensions:  17.4"W  x  13.2"L  x  11.3"H 
Weight:  37  lbs. 

(OEM  is  Ricch  Ctorporation  Model  No.  R-2112T) 
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Facsimile 


Interface,  Ccmraunication 


Interface,  CTraraunication 


Interface,  Coinraunication 


Manufacturer 
city.  State 
Description 


Model 

number 


Secure  Services  Tech.,  Inc.  SST-Tl 
Falls  Church,  VA 

Facsimile  Single-Port  One  Ped  MIL-STD-188-114 
Digital  Data  Port 

FiterCom,  Inc.  WhisperlANA 

Fiber  C^ic  Ethernet  Transceiver;  Intra  ring  (Gl)  and 
Inter  ring  (G2)  style  WhisperlANA  units  120  Va.  C. 
and  240  Va.  C.  power  line  voltage  ST  and  SMA  style 
qptical  connectors 

Mit^  Systems,  Inc.  810T 

San  Diego,  CA 

Lazershare  Printer  Sharing  Device,  communications 
switch.  4  serial  (110  b/s  to  19.2  kb/s)  and  3  bi¬ 
directional  parallel  ports.  512kB  buffer  concurrently 
accepts  data  from  multiple  sources.  Automatic  protocol 
conversion.  Configuration  controlled  by  front  panel  or 
cxmmands  in  data  stream.  Configuration  stored  in  CMOS 
RAM  with  battery  backi?).  Graphics  capability 

Titan  Corporation  1800-T 

Vienna,  VA 

The  Iteqcom  Standard  Interface  Device  (SID)  1800^  is 
a  6-channel  communications  interface  and  controller 


Interface,  Communication  Wang  Labs,  Inc.  3278/79-IMDL-T 

Lowell,  MA 

A  emulation  board  that  is  used  with  the 

Wang  PC280-xT/PC380-xT  series  of  products  as  an  option. 
The  board  allows  the  PC280-xT  and  PC380-xT  to  emulate 
an  IBM  terminal  over  type  A  coaxial  compatible  cable. 
Also,  the  board  will  have  the  SNA  emulation  capability 
of  providing  for  file  transfer  from  the  PC  to  an  IBM 
host  that  has  the  appropriate  Forte  Net  II  or  Irma 
Link  software  components.  The  3278/79  subsystem 
consists  of: 

An  internal  card  for  PC280-xT/PC380-xT  and  software 
A  filter  card  for  PC280-xT/PC380-xT  I/O 
A  9-foot  double-welded  single-coax  cable  with  TNC 
connector 

A  3"  RF  cable  with  BNC/BNC  connectors 
An  in-line  filter  assembly  box  (interface  to  user's 
Type  A  RG62  cable) 

The  user's  responsibility  includes  provision  of  an 
adequate  TEMPEST-conditioned  cable/network  connection 
to  our  interface  connection. 
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Eguipnent  Category 


Interface,  Ctatimunication 


Interface,  Ccaranunication 


Interface,  Ocammunication 


Interface,  Coiiinunication 


Hanufcu±urer  Model 

City,  State  NUniber 

Description 

Wang  Labs,  Inc.  6554 -IT 

Lowell,  MA 

Standard  External  Chassis  with: 

One  64kB  data  coamnunications  controller  (TCT) 

One  front  panel  (FP6554T)  for  OIS/Alliance  CHJs  & 

VS  ccaaoputer  systems 

Four  data  ccramunications  controllers  (TCT  or  TCIT) 
supported  in  external  chassis  for  connection  to 
OIS/Alliance  CPUs  or  VS  coiputer  systems.  Each 
controller  requires  an  cptional  connector  and 
front  panel 

Optional  connectors  include: 

TCI^RS232T,  TCP-RS449T,  TCP-RS366T,  and  TCP-X21T  for 
the  6554-lT  or  the  6554-2T  external  chassis. 
Optional  front  panels  include: 

FP6554T  Front  Panel  for  6554-lT  or  6554-2T  External 
Ohassis 

Optional  Controllers  are: 

TCT  64kB  Data  Ctoraraunications  Controller 
TCIT  128kB  Data  Odmmunications  Controller 

Wang  labs,  Inc.  6554-2T 

Lowell,  MA 

Standard  External  Chassis  with: 

One  128kB  Data  cominunications  controller  (TCIT) 

One  front  panel  (FP6554T)  for  OIS/Alliance  CPUs  & 

VS  ccaiputer  systems 

Four  data  ccmmunications  controllers  (TCT  or  TCIT) 
sipported  in  external  chassis  for  connection  to 
OIS/Alliance  CPUs  or  VS  computer  ^sterns.  Each 
controller  requires  an  cptional  connector  and 
front  panel 

Cptional  connectors,  front  panel,  and  data  communi¬ 
cations  controller  for  the  6554-lT  external  chassis  are 
ajplicable  to  the  6554-2T  external  chassis 

Wang  Labs,  Inc.  7561T 

Lcwell,  MA 

WISE-Wang  Intersystem  Exchange  Device 

Wang  Labs,  Inc.  WACS-XXT 

Lcwell,  MA 

The  WACS-xxT  is  a  family  of  asynchronous  communica¬ 
tion  d^ice  controllers,  vhich  allow  ANSI  X3.64- 
ccmpatible  asynchronous  devices  to  communicate  with 
Wang  VS5-xT,  VS6-XT,  VS65-xT,  VS75-XT  and  7585VST-X 
Ccmputer  Systans. 

Standard  WACS-T  products  include: 

WACS-16T,  16-Port  External  Chassis 


Page  5-42 


Equipment  Category 


Interface,  Fiber  Optic 


Manufacturer  Model 

City,  State  Number 

Description 

(Continued)  WACS-XXT 

WACS-32T,  32-Port  External  Chassis 

25V-WACS-16T,  16-Port  ACS  package  with  modular  serial 
controller  &  cable  kit  for  VS5— jtfT,  VS6— xT,  VS65— xT,  & 
VS75E-XT  computer  systems 

25V-WACS-32T,  32-Port  ACS  package  with  modular  serial 
controller  &  cable  kit  for  VS5-xT,  VS6-xT,  VS65-xT,  & 
VS75E-XT  computer  systems 

22V-^CVCS-16T,  16-Port  ACS  package  with  modular  serial 
controller  &  cable  kit  for  7585VST-X  computer  systems 
Options; 

KET-WACS-IT,  Cable  kit  for  7585VST-X  computer  systems 
KIT-WACS-2T,  Cable  kit  for  VS5-xT,  VS6-xT,  VS65-XT,  & 
VS75E-XT  coaiEputer  systems 

200-0655-lT,  12-foot  WACS-T  PS-232  Cable  Assembly 
200-0655-2T,  25-foot  WACS-T  RS-232  Cable  Assembly 
200-0655-3T,  50-foot  WACS-T  RS-232  Cable  Assembly 
200-0655-4T,  100-foot  WACS^  RS-232  Cable  Assembly 

ADC  Telecornimiunications,  Inc.  Fiber  Mate  System 
Minneapolis,  MN 

Ihe  Fiber  Mate  System  is  a  modular  system  consisting 
of  electrical  to  cptical  signal  conversion  modules  and 
card  cage  type  chassis.  Ihe  Fiber  Mate  System  provides 
a  transparent  transmission  link  via  fiber  optic  cable 
between  electrical  irput/output  eqtdpment.  The  various 
signal  conversion  modules  may  be  mixed  in  a  single 
chassis  to  support  specific  customer  requirements. 
Chassis: 

RSACC-16  -  Stand-alone  chassis  si^porting  vp  to  2 
conversion  modules.  Contains  a  single  power  simply  and 
cperates  on  90-130  VAC,  47-63HZ. 

RIDCC-16  -  Rack  mountable  card  cage  chassis  16"  deep, 
5.25”  hi^,  and  19"  wide.  SuEports  ip  to  10  cxDwersion 
and  provides  dual  redundant  power  supplies. 
Pcwer  requirements  are  90-130  VAC,  47-440  Hz. 

Modules: 

ISCM-01  -  Low  Speed  Digitel  Miltiplex  Module  converts  4 
independent  full  di^jlex  electrical  signals  (75  b/s  to 
64  kB/s  into  a  transmit  and  rec:eive  c^tical  signal.  Is 
cxmpatible  with  balanced  or  imbalanced  MIL-188-114,  and 
EIA  232,  423,  422,  and  530  type  signals. 

HSCM-78  -  Hi^  Speed  Conversion  Module  provides 
electrical  to  cptical  conversion  of  3  independent  full 
diplex  signals  on  a  single  card.  Data  rates  range  from 
75  b/s  to  20MB/S  for  cations  1  and  3  (78  ohms  and  124 
chms,  respectively)  and  75  b/s  to  5  MB/s  for  option  2 
(100  ohms) .  Conpatible  with  EIA-422,  MII^188-114  Type 
II  and  III. 
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Interface,  Fiber  Optic 
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Interface,  Fiber  Optic 
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City/  State  Number 

Description 

(Continued)  Fiber  Mate  System 

TIPBX-01  -  Private  Brandi  Exchange  Interface  Module 
provides  4  full  di^jlex  two-^ire  subscriber  loop 
ccfflopatible  ccramunication  links  over  fiber  optic  cable 
viien  used  with  the  VIM. 

TIFM-01  -  Tel^shone  Interface  Module  provides  4  full 
diplex  two-wire  subscriber  locp  compatible 
coniiiunication  links  over  fiber  c^ytic  cable  when  used 
with  the  VIM. 

VFM-01  -  Voice  Fr^enoy  Multiplex  Module  provides 
electrical  to  optical  conversion  of  4  four-wire  VF 
channels  with  E/M  signalling. 

Digital  Equipment  Oorp.  RF-POAFB/MB-AA 

Nashua,  NH 
Fiber  Optic  Adapters 

RF-PQAFB-AA,  Fenale  25-pin  electrical  connector 
controller 

RF-PQAMB-AA,  Ifale  25-pin  electrical  connector 
controller 

FiberCcm,  Inc.  Whisperphone  I 

Roanoke,  VA 

WhisperEhone  1,  Model  WPI-REMHE 
WhisperFhone  1,  Model  WPI-SIU-II 
Interface  Cable  Part  No.  023-524 

Versitron  MllXOS 

Annapolis  Junct,  MD 

RS-232C/MILf-188  Fiber  Optic  Interface  Extender 
M1120S  (DTE) 

MlllOS  (DCE) 

Wang  Labs,  Inc.  FiberWay 

Lowell,  MA 

Miltiplexed  fiber  cptic  data  link  si:?portijog  from  1 
to  16  peripheral  connections  on  7500AT  CPUs  and  7500T 
VS  Computer  System  Masters 
Product  includes: 

FW-APA-2T,  IWo  port  FiberWay  panel  with  link  alarm 
that  mounts  in  the  Master's  back  panel 

fW-RCS-16T,  Fiberway  Remote  Cluster  Switch  with  link 
alarm  si^Dporting  l  to  16  coaxial  connections 
FW-QA-AT,  FiberWay  Electrical  I/O  Processor  Board 
for  OIS/Alliance  CHJs 

25V67T,  Serial  I/O  Processor  Board  for  VS65-xT, 
VS5-XT,  &  VS6-XT  Computer  Systems 

75V02T,  Serial  I/O  Processor  Board  for  7585VST-X 
Computer  Systems 
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Interface,  Fiber  Optic 


Interface,  Fiber  Optic 


Modem 


Mouse 


Mouse 


Multiplexer 


Multiplexer 


Manufeicturer 
City,  State 
Description 

Wang  Labs,  Inc.  PO-MC-ITA 

Lcwell,  MA 

Fiber  Optic  Converter  with  Link  Alarm 

Wang  Labs,  Inc.  PO-^K-IT 

Lowell,  MA 

Fiber  Optic  Converter 

Opteleccm,  Inc.  4131Pr/4131ST 

Gaithersburg,  MD 
Fiber  Optic  Full-IXplex  Modem 

Aura  Technologies  Inc.  M4-T 

Sterling,  VA  . 

Mouse,  (Graphic  pointing  device) ,  Serial  version 
(RS-232) ,  3-button  Optical  Mouse  (OEM  Mouse  Systems 
Corporation) 

Delta  Data  Systems  Corp.  T87-610 

Columbia,  MD 

3-button  Grafiiics  Ir^t  Device 
Standard  features: 

-  Serial  Interface 

-  200  DPI  Resolution 

Dataproducts  New  England  2048AT-16 

Wallingford,  CT 

Same  as  AN/FCC-100  (v) 3X 
16-Channel  Time  Division  Multiplexer  with  any 
configuration  frcxn  the  following  list  of  port  modi^es 
and  optional  aggregate  assemblies  (all  configurations 
include  Asymmetric  cperation) : 

Synchronous  Port  Module 

Asynchronous  Port  MxJule 

EIA  RS-422V423A  Aggregate 

Low  Speed  MIL-STD-188-114A  Aggregate 

Statistical  Multiplexer  (Basic)  Port 

Statistical  Submux  (Ej^ansion)  Module 

Conditioned  Diphase  Port  Module 

Isochronous  Port  Module 

Hi^  Speed  MIL-STEH188-11A  Aggregate 

PCM  Voice  Port  Module 

CVSD  Voice  Port  Module 

Dataproducts  New  England  2048AT-32 

Wallingford,  CT 

32-Channel  Time  Division  Miltiplexer  with  any 
configuration  from  the  follcwii^  list  of  port  modi^es 
and  optional  aggregate  assemblies  (all  configurations 
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Model 

MUniber 


Multiplexer 


Network 


(Continued)  2048Ar-32 

include  Asynmetric  operation) : 
Synchronous  Port  Module 
Asynchronous  Port  Module 
RS-422V423A  Aggregate 
Hl0i  Speed  MIL-sro-188/114A  Aggregate 
Low  Speed  MIL-sro-188/114A  Aggregate 
Isochronous  Port  Module 
Conditioned  Diphase  Port  Module 
Statistical  Sutanux  (Basic)  Module 
Statistical  Subniux  (EDqpansion)  Module 
CVSD  Port  Module 
PCM  Port  Module 


General  DataCcmm  Sys. ,  Inc.  Megaswitch  IMP 
Middldoury,  CT 

Ihe  Megaswitch  IMP  is  a  Time  Division  Multiplexer 
that  is  ccnposed  of  a  power  st^ly,  system  control 
unit  and  vp  to  four  expansion  units.  Ihe  Megaswitch 
IMP  offers  three  types  of  voice  channels  and  accom¬ 
modates  synchronous,  asynchronous,  or  isochronous  data 
at  cha^l  rates  from  75  bps  to  1.152  mbps.  Ihe 
following  channels  and  aggregates  were  tested: 

Data  Channels:  R5-232  (Async)  75  bps  to  19.2  Wops 

(Sync) 

RS-422  (Sync) 

(Isoch) 

RS-423  (Sync) 

Voice  Channels: 


75  bps  to  19.2  Jdips 
75  bps  to  1.152  mbps 
75  bps  to  64  kbps 
100  kbps 


ADPCM  (Adaptive  Differential  Pulse  Code 
Modulation)  32  y^yps 

ASP  (Advanced  Speech  Processing)  16  Wops 

CVSD  (Continuously  Variable  Slope  Delta)  64  Wcps 

Aggregate  Interfaces: 

KS“422  4.8  Waps  to  2.048  nibps 

MIL-188-114  4.8  Wops  to  100  kbps  Unbal 

4.8  kbps  to  2.048  mbps  Bal. 

RS"423  4.8  Waps  to  100  kbps 


Digital  Equipment  Corp.  RF-H4000 

Na^ua,  NH 

local  Area  Network  Ctmiraunications  Network 
RF-H4000-AA,  RF-Ethemet  Transceiver 
RF-BNSOl-XX,  RF-Ethemet  Cable  Kit  Fiberoptic  Cable 
DC  Pcwer  Cable 

BNE-2A-XX,  Network  Interconnect  Coascial  cable 
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Equipment  Category 


Hodel 

Mniber 


Network 


Optical  Character  Reader 


Optical  Character  Reader 


Optical  Oiaracter  Reader 


Plotter 


Printer 


Printer 


Printer,  Band 


Manufacturer 
dty.  State 
DM^ptlon 

International  Tech.  Corp.  ITC  lAN-HUB-T 

McLean,  VA 

Fiber  Optic  IAN  HUB  with  2  daucpiter  boards  and  one 
mother  board  installed 

Hetra  Ccnoputer  &  Ccnin.  Ind.  9050T 

Sebastian,  FL 

Multiport  Multifont  Optical  Character  Recognition 
Page  Reader  (RS-232/MIL-STD-188C  Interfaces) 

Ilex  Systems,  Inc.  2000T  Series 

Milpitas,  CA 

Models  2020T  and  2030T  Opticcil  Page  Readers  (0!EM  is 
Best  Corp.) 

Mit^  Systems,  Inc.  T5176 

Sterling,  VA 

T5176-1:  Optical  character  reader  \diich  provides 
automated  entry  of  typed  and  type  set 
information  to  a  host  computer 
T5176-2:  Palantir  Document  Processing  System  (9000) 

is  a  page  reader  with  an  RS-232  I/O  port  and 
an  ethemet  port  that  is  optional 

SFA,  Inc.  SEA  1401-T 

Landover,  MD 
Mural  Plotter 
Special  Features: 

RS-232C  Interface 

Aco^ts  Media  Sizes  A  through  E 

Hic^  Resolution 

Data  Rates  Ranging  from  75b/s  to  9600b/s 

Dataproducts  New  England  M3Cr-1200C 

Wallingford,  CT 
Receive  only  Printer 

Dataproducts  New  England  MXr-1200VE 

Wallingford,  CT 
Receive  only  Printer 

Dat^iroducts  New  England  TBIOOO 

Wallingford,  CT 

Band  Printer  interfacing  with  the  following: 

WWMOCS  compatible  Interface 
SUL  Interface 
Long  Lines  Interface 
DPC  Parallel  Interface 
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Equipment  Category 


Printer,  Band 


Printer,  Band 


Printer,  Daisyviiieel 


Printer,  DaisyvJieel 


Printer,  Daisyvdieel 


Manufacturer  Model 

City,  State  Number 

Description 

(Continued)  TBIOOO 

Serial  Interface 
Centronics  Interface 
IBM  3274  TRIAX  to  Centronics  Interface 

Dataproducts  New  England  TB600 

Wallingford,  CT 

Band  Printer  interfacing  with  the  following: 

WWMCCS  Ccffltpatible  Interface 

Long  Lines  Interface 

DPC  Parallel  Interface 

Serial  Interface 

Centronics  Interface 

IBM  3274  TRIAX  to  Centronics  Interface 

Wang  Labs,  Inc.  7574-lT 

Lowell,  MA 

Medium  Speed  Band  Printer 

Wang  Labs,  Inc.  7582T  DSF-IT 

Lowell,  MA 

WP/OIS/Alliance  64kB  Daisy  Printer  with  Dual  Sheet 
Feeder 

Wang  Labs,  Inc.  EW/OS-60AT 

Lowell,  MA 

Ihe  DW/OS-60AT  is  a  Wang  60  Character  Per  Second 
Daisyvheel  printer. 

Special  Features: 

letter  quality  printer 

attached  to  the  VS  and  CIS  coirputer  systems 
prints  at  60  CPS  in  burst  mode 

accommodates  vp  to  15-inch  wide  paper  &  multipart 
forms 
Options: 

triple  bin  feeder  (DSF-60) 
forms  tractor  (Fr-40) 

Wang  Labs,  Inc.  EW/OS-60T 

Icwell,  MA 

The  DW/OS-60T  is  a  Wang  60  Character  Per  Second 
Daisyvheel  printer. 

Special  Features: 

letter  quality  printer 

attaches  to  the  VS  and  OIS  computer  systems 
prints  at  60  CPS  in  burst  mode 
acxxxnmodates  i:p  to  15-inch  wide  paper  &  multipart 
forms 
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Model 

Number 


EguiFnent  Category 


Printer,  Daisy\A4ieel 


Printer,  Dot  Matrix 


Printer,  Dot  Matrix 


Printer,  Dot  Matrix 


Printer,  Dot  Matrix 


Printer,  Dot  Matrix 


Manufacturer 
City,  State 
Description 

(Continued)  EW/OS-60T 

Options: 

triple  bin  feeder  (DSF-60) 
forms  tractor  (Fr-40) 

Wang  Labs,  Inc.  IMDIS-T 

Lcwell,  MA 

Hie  EM018T  is  a  Wang  60  Character  Per  Second 
DaisyvAieel  printer 
Special  Features: 

letter  quality  printer 

attaches  to  the  Professional  computer  systems 
prints  at  60  CPS  in  burst  mode 

acconimodates  rp  to  15— incii  wide  paper  &  multipart 
forms 
Options: 

triple  bin  feeder  (DSF-60) 
forms  tractor  (FT-40) 

Dataproducts  New  England  TOG-200 

Wallingford,  CT 

Dot  Matrix,  Color  GrajAiics,  Inpact  Printer 

Edtaproducts  New  England  TOG-2  02 

Wallingford,  CT 
TOG-200  with  IBM  Graphics 

Dataproducts  New  England  TG-200 

Wallingford,  CT 
Monochrome  Version  of  TOG-2  00 

Datasec  Corp.  DSP-225-232 

Wilton,  NH 

Dot-itatrix  inkjet  printer  w/serial  RS-232  I/O  (OEM 
Hewlett  Packard) 

Delta  Data  Systems  Corp.  EX-85T 

Columbia,  MD 
Dot  Matrix  Printer 
Standard  features: 

RS-232C  serial  interface 
160  cps  draft 
32  cps  NIQ 

80  columns,  132  compressed 
Easy  ribbon  replacement 
Front  panel  controls 
Friction  and  pin  feed 
Small  footprint 
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Equipment  C3ategoxY 


Model 

Number 


Manufacturer 
City,  State 
Description 

(Continued)  FX-85T 

Options: 

Ejqjanded  buffer  board 
Parallel  interface 

Printer,  Dot  Matrix  Digital  Equipment  Corp.  rf-taidr-aa/ra 

Nai^iaa,  NH 
Dot  Matrix  printer 
Special  Features: 

180  cps  draft 

45  cps  near  letter  quality 
Graphics 

friction  and  tractor  feed 
RS232  interface 
Option: 

Sheetfeeder 
(OEM  Genicom  3184) 

Printer,  Dot  Matrix  Security  Comm,  of  America  EX-IOOOT 

Wallingford,  CT 

Epson  EX-IOOOT  Dot  Ifetrix  Printer 
Special  Features: 

IBM  and  Epson  canpatible 
Color 

Print  Speeds  i:p  to  300  Characters  Per  Second 
Hi^  Resolution  Graphics 
Multiple  Character  Fonts 
Large  Internal  Buffer 

Printer,  Dot  Matrix  UNISYS  Corp.  25B 

Salt  Lake  City,  UT 
Model  T0425-59 
Special  Features: 

120V/60HZ 

Hi^  Density  or  Data  Processing  Quality 
200  Characters  per  second  maximum 
Centronics-ccsipatible  Interface 
Power  Cord 
Required  features: 

F3861-00  Forms  Tractor  Feed 
F8337-00  Interface  Cable 
Model  T0425-60 
Special  Features: 

120V,  220V,  240V/50HZ,  60Hz 
Hi^  Density  or  Data  Processing  Quality 
200  Characters  per  second  maximum 
RS-232C  Serial  Interface  (UNISYS  protocol) 
Power  Cord 
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Model 

number 


Equipment  Category 


Printer,  Dot  Matrix 


Printer,  Graphics 


Printer,  Graphics 


Printer,  Graphics 


Manufacturer 
city.  State 
Description 

(Continued)  25B 

Required  Features: 

F3861-00  Forms  Tractor  Feed 
F8268-03  Interface  Cable 

Wang  Labs,  Inc.  75PC-FM16T 

Irwell,  MA 

Professional  Computer  160CPS  Matrix  Printer 

Delta  Data  Systems  Corp.  IX)3184 

Columbia,  MD 

Dot  Matrix  Graphics  Printer 
(accredited  as  T2I  SIP3184) 

Standard  features: 

180  ops  draft 

45  cps  near  letter  quality 
Grafbics  144x144  <^i 
Wide  carriage 
RS-232  serial  interface 
Options: 

Multicolor  printing 
single  document  inserter 
Autoomatic  ^eet  feeder 
(OEM  is  Genicom) 

Delta  Data  Systems  Corp.  003304 

Colvrabia,  MD 

Dot  Matrix  Graphics  Printer 
(accredited  as  T2I  SIP3304) 

Standard  features: 

300  cps  EDP  mode 
200  cps  draft 

100  cps  Near  letter  quality 
Graphics  144x144  c%)i 
Wide  carriage 
RS-232  serial  interface 
Options: 

Epson  emulation 
Multicolor  printing 
Single  document  inserter 
Automatic  sheet  feeder 
(OEM  is  Genicom) 

Delta  Data  Systems  Corp.  I»3404 

Columbia,  MD 

Dot  Matrix  Graphics  Itinter 
(accredited  as  T2I  SLP3404) 

Standard  features: 

400  cps  draft 
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Equipment  Category 


Printer,  Ink  Jet 


Printer,  Ink  Jet 


Printer,  Ink  Jet 


Manufacturer  Model 

City,  State  Number 

Description 

(Continued)  IX)3404 

100  cps  near  letter  quality 
GrajW.cs  144x144  (%)i 
Wide  carriage 
RS-232  serial  interface 
Options: 

Epson  emulation 
Multicolor  printing 
Single  document  inserter 
Automatic  sheet  feeder 
(OEM  is  Genicom) 

Datasec  Corp.  DSP-225-111 

Wilton,  NH 
Ink  Jet  Printer 
Special  Features: 

replaceable  ink  reservoir 

print  head  with  Centronics  jjarallel  interface 
(OEM  is  the  Hewlett  Packard  2225C  Think-Jet  printer) 

Datasec  Corp.  DSP-225-488 

Wilton,  NH 
Ink  Jet  Printer 
Special  Features: 

IEEIE-488  Interface 
(OEM  is  Hewlett-Pacdcard) 

Datawatoh  Corp.  DATAWATXli  150 

Wilmington,  MA 
Portable  Ink  Jet  Printer 
Sjjecial  Features: 

CoDopact  (2.5"h  X  7.25"d  x  13'*w) 

Li^twei^t  (8  jxjunds  including  batteries) 

Three  jxwer  options  available: 

Internal  Rechargeable  Ni-cad  batteries 
Wall-mount  120  VAC/60  Hz  power  sipply 
Wall-mount  220  VAC/50  Hz  jxawer  si:^ly 
Available  in  both  parallel  and  serial  interface 
versions 

Epson/IEM-compatible 
GrapWcs  printing  capability 
Itint  Sjaeds: 

50  CPS  Near  Letter  Quality 
150  CPS  Draft  Quality 
240  CPS  Condensed  Mode 
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Equipment  Category 


Model 

Number 


Manvifacturer 
city,  state 
Description 

Printer,  t Digital  Equipment  Corp.  RF“LN03()  ()  () 

Na^ua,  NH 

The  RF-LN03()-()  ()  series  laser  printer  provides  high 
quality  printing  in  a  shared  office  environment. 
Depending  upon  the  version,  this  product  provides  the 
with  text,  graphics,  or  PostScript  printing 
capability  at  a  speed  of  i;?)  to  8  pages  per  itiinute. 

Model  Numbers: 

RF-IN03-AA  8  Pages  Per  Minute  Text  Printer, 
120VAC/60HZ 

RF-IN03-AE  8  Pages  Per  Minute  Text  Printer, 

240VAC  50Hz 

EF-IN03S-AA  8  Pages  Per  Minute  Text/Graphics 
Printer,  120VAC/60HZ 

RF-IN03S-AE  8  Pages  Per  Minute  Text/Graphics 
Printer,  240VAC/50HZ 

RF-IN03R-AA  8  Pages  Per  Minute  PostScript  Printer, 
120VAC/60HZ 

RF-LN03R-AE  8  Pages  Per  Minute  Postscript  Printer, 
240VAC/50HZ 

Options: 

RF-LN03X-CR  RAM  Cartridge 
RF-IN03X-XX  Font  Cartridge 
RF-POAF&-AA  Fiber  Cptic  Adapter 
BN25C-XX  Fiber  Optic  Cable 
RF-BC09D-25  RFI/MI  Shielded  Cable 
Special  Features: 

Text  printing  at  8  pages  per  minute 

Full-page 

300  dots  per  inch 

Standard  RS-232  Serial  Interface 

Bit-mapped  graphics  (RF-IN03S-AVAE  only) 

Optional  RAIVRCM  cartridges  (RF-IN03-AA/AE, 
RF-IN03S-AVAE  only) 

Provides  PostScript  compatibility  (RF-IN03R-AVAE  only) 

Printer,  Laser  North  Atlantic  Ind. ,  Inc.  Laser  II-T 

Hauppauge,  NY 

ppsV-Tnp  TEMPEST  Laser  Printer 
Special  Features: 

Engine:  Canon  LPB^SX 

Print  Speed:  8  pages  per  minute 

Printer  Emulations:  HP  Laserjet  + 

Interfaces:  Std:  RS232C  Serial  (300-19. 2K) 

Centronics  Parallel 
Option  5:  Share  Spool  (4  users) 

Scanning  Line  DensityJ  300  DPI 
Memory:  Std:  512kB  (395kB  laser) 

Option  1:  Additional  1MB 
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Equipnent  Category 


Printer,  laser 


Printer,  laser 


Manufacturer  Model 

City,  State  lamher 

Description 

(Ocaitinued)  Ta«v»T-  ii-r 

Optical  2:  Additicaial  2MB 
Optical  3:  Additicaial  4MB 
Fewer:  Std:  110  to  115V  +  or  -  10%,  50/60  Hz 

Optical  4:  220  to  240V  +  or  -  10%,  50  or  60  Hz 
Fcaits:  6  resieJent  fcaits,  c^artricJge  loaded  host 
resident-dewn  loaded 

Paper  Handling:  Single  tray  -  200  sheets  letter, 
legal,  A4,  or  B5 

Optical  6:  IID:  Dukl  200-sheet  trays, 

EnvelcDpe  Feeder  -  50  envelopes 
IVio-sided  page  printing 
(OEM:  HP  laserjet  II) 

North  Atlantic  Ind. ,  Inc.  PS  810-T 

Hai^pauge,  NY 

Desk-Top  TEMPEST  laser  irinter 
Special  Features: 

Engine:  Cancai  IPB-SX 

Pa^  Descxipticai  language:  PostScript 

Print  Speed:  8  pages  per  minute 

Moc^:  PostScript  batch  mode  RS-232/422,  Ippletalk 

Printer  Etoulaticais:  Diablo  630 

HP  LaserJet  +  (HP-PCL) 

HP  7475A  Plotter  (HP-GL) 

Memory:  2MB  RAM  (3MB  RZM  cpticaial) ,  IMB  RDM 
Paper  Size:  Letter,  Leg^,  A4,  envelopes,  labels, 
transparencies 
Cassette:  200  sheets 

Paper  Output:  2  trays,  face  v?)  and  face  cSown 
Resoluticai:  300  x  300  c3ots  per  inch 
Noise  level:  less  than  55  db(A} 

Tcaer:  Dry  moncxxnpcaient  toner  in  user-r^laceable 
cartriciges 

EVaits:  35  resident  fcaits  from  4  pt.  rpward.  Rotatable  in 
1  degree  increments,  host  dcwnloaidable  also 
available 

Interfaces:  RS232C,  RS422/;ppIetalk,  Centronics 
Parallel 

Power:  110/120V  60  Hz  or  220/240V  50  Hz 
(OEM:  OB,  Inc.) 

Wang  Labs,  Inc.  75LES-12xT 

Lowell,  MA 

TEMPEST  laser  Imaging  System 
Special  Features: 

Prints  12  pages  per  minute  in  text  mocie 
Prints  6  pages  per  minute  in  gr^hics  mocte 
Mcdel  optiens  are: 
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Model 

MUDber 


Manufacturer 
City,  state 
Description 

(Continued)  75US-12xT 

75IJ:S-12T  for  CIS  CPUs 
75LIS-12Ar  for  Alliance  CPUs 
7RT.TS-12VT  for  VS  Computer  Systems 

Pointer,  laser  Wang  Labs,  Inc.  KS15-DSK-T 

licwell,  MA 
Laser  Pointer 
Special  Features: 

15  pages  per  minute 

300  by  300  dots  per  inch  resolution 

attaches  to  PC280-XT  and  PC-XCx-3T  series 

professional  computers  and  XAPC-SxT  series  advanced 
professional  computers 
available  in  both  120V/60  Hz  and  240V/60Hz 
Pointer  cations  include: 

LCS15-IK-P>C-^  Interface  Kit 

Pointer,  Ta!=;f»r  Wang  Labs,  Inc.  ICS15-SYS-T 

Lcwell,  MA 
Laser  Pointer 
Special  Features: 

15  pages  per  minute 
300  X  300  dots  per  inch 
Two  power  requirements: 

103  to  127  VAC  @  50/60  Hz 
206  to  254  VAC  §  50/60  Hz 
TVro  removable  paper  trays 

Attaches  to  the  current  Wang  TEMPEST  VS  Systems  or 
the  CIS  7535AT  and  7540AT  Computer  Systems 

Pointer,  Laser  Wang  Labs,  Inc.  IDP8-DSK-T 

Lcwell,  MA 
Laser  Pointer 
Special  Features: 

8  pages  per  minute 

Hi^  resolution  dot  pattern  (300  x  300  dots  per 
inch) 

Si^^rts  LaserJet  Series  II  a^lications 
provides  serial  and  parallel  interface  connections 
paper  may  be  fed  autoamatically  or  manually  in  a 
variety  of  sizes  &  types 

Sv;pports  i;p  to  two  font  cartridges  &  a  variety  of 
downloadable  software  fonts 

Si^ports  letter,  legal,  A4,  &  executive  paper 
Options: 

Option  IT  Memory  l^jgrade  (IMB) 

Cation  2T  Memory  l^jgrade  (2MB) 


Page  5-55 
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Model 

Number 


Server  Processor 


Tape  Drive 


Tape  Drive 


Manufacturer 
City,  State 
Description 

Digital  Equipment  Corp.  RF-DSRVX-XX 

Nashua,  NH 
Server  Processor 

Model  RF-DSRVB-AA  120  VAC  50/60  Hz 

Model  RF-DSRVB-AB  240  VAC  50/60  Hz 
The  RF-DSRVB^AA  (-AB)  provides  the  interface  between  8 
asynchronous  serial  data  ocmintunications  channels,  at 
rates  to  19.2kB/s,  on  the  TEMPEST  Ethernet  local 
area  network.  The  devices  intended  for  use  on  this 
terminal  server  are  the  RF-VT240,  RF-VT320,  RF-IN03, 
and  RF-IAIER.  The  local  area  network  connection  is 
supplied  by  the  SIU  interface,  vAiich  provides  lOMB/s 
data  throu^put  to  the  TEMPEST  Ethernet  (TNET) .  The 
TNET  connection  is  made  fiber  cptic  link  losing  a 
TEMPEST  fiber  cptic  transceiver  (EF-H400x)  attached  to 
the  backbone  cable. 

Wang  Labs,  Inc.  2238V-1T 

Lowell,  MA 

VS  1/4"  Streaming  Cartridge  Tape  drive 
Special  Features: 

Provides  ip  to  60MB  of  storage  on  OOO-foot  data 
cairtridge 

Sipported  on  VS5-xT  and  VS6-xT  systems 

Wang  Labs,  Inc.  2248V-1T 

Lowell,  MA 
Tape  Drive 
Special  Features: 

Driven  from  a  7585VST-X  CEU  with  22V15-2T  Tri- 
Density  Tape  lOP 

Capable  of  operating  at  800/1600/6250  bits  per 
inch 

Uses  10.5"  tape  reels  that  hold  vp  to  2400  feet  of 
magnetic  tape 

Reads  &  writes  in  a  foirward  direction  at  a  speed  of 
75"  p)er  second 

Operates  in  ip  to  3  recording  modes  (densities) 

Recording  modes  selectable  from  either  the  host 
system  or  via  the  tape  drive  control  panel 

Offers  impressive  media  interchange  carpatibility, 
making  it  possible  to  exchange  data  from  a  non  VS 
system  to  a  Wang  VS  series  Costrputer  System 

Available  with  electrical  pcwer  requirements  for  100 
&  120  VAC  (208  and  240  VAC) ,  50Hz  and  60Hz  §  400 
Watts  average  with  an  average  Btus/hr  of  1500 
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Muniber 


Equipment  Category 


Tape  Drive 


Tape  Reader,  Punched 


Tape  Reader,  Punched 


Teleprinter 


Terminal 


Terminal 


Terminal 


Manufacturer 
City,  State 
Description 

Wang  Labs,  Inc.  7529T 

Lowell,  MA 

1/4”  Arciliving  Cartridge  Tape  Drive 

Advanced  Control  Device  Corp  5120 
Dayton,  CH 
Punched  T^)e  Reader 
Special  Features: 

5-  &  8-  level  tape/data  punching  &  reading 
capability 

ASCII  to  BAUDOT  and  BAUDOT  to  ASCII  conversion  in 
both  the  punch  &  reader 

Built-in  interfaces  include  RS232  &  188C  serial  & 
Centronics-ocwpatible  parallel 
Built-in  fiber  optic  ports 
160  cps  reading  &  80  cps  punching  rates 
110/220  VAC  50/60  Hz 
12-16  VDC  qperation 

Mitek  Systems,  Inc.  T5104 

Sterling,  VA 

The  paper  punched  tape  reader  is  a  microprocessor 
based  stand-alone  peripheral  vhich  can  read  data  from 
and  punch  data  on  paper  tape 

Dataproducts  New  England  MXr-1200  KSR 

Wallingford,  CT 
KSR  Printer 

Datasec  Corp.  DST-220 

Wilton,  NH 

Video  Display  Terminal 

VT-220-conpatible  monochrotne  display  terminal 
(OEM  is  E^rit  Systems,  Inc.  Model  ESP  6515) 

Datawatch  Corp.  DAIAWATCH  240 

Wilmington,  MA 

Alphanumeric/Graphic  Digital  Equipment 
240-CanDpatible  Di^lay  Terminal 

Delta  Data  Systems  Corp.  8260AT  and  8260T 

Columbia,  MD 
Video  Display  Terminal 
Options: 

printer  port 
printer  concatenation 

RS-422,  RS-423,  or  MIL-188  for  host  port 
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Number 


Manufacturer 
City,  State 
Description 

Terminal  Delta  Data  Systems  Corp.  EO  220T 

Columbia,  MD 
Video  Display  Terminal 
Standard  features; 

Emulates  DEC  VT220  and  VTIOO 
14”  Monochrome  Di^lay 
Auxiliary  RS-232  I/O  Port 
80-  and  132-cJolumn  Modes 
18  User-definable  Funcotion  Keys 

Terminal  Digital  Equipnnent  Corp.  RF-VT240-AV~BA 

Na^ua,  NH 

RF-VT240-BA  (AA  with  WPS  Keycaps) 

RF-VT240-AA  oorprised  of; 

RF-VR201-A  TEMPEST  12”  B/W  Monitor 
RF-IJK201-CA  TEMPEST  Kei^xjard 
RF-VS240-A  TEMPEST  VT240  System  Box 
Video  di^lay  terminal  with  B/W  Graphics,  serial 
printer  port,  full  diplex  RS-232  ocraraunications 
port 

New  Options; 

RF-IK301-AA  Kei4x)ard 
RF-IK301-PA  Kei4x)ard 
RF-Iia02-AA  Keyboard 
RF-IK302-PA  Keyboard 

Terminal  Digital  Equipment  Corp.  RF-VT320-AA 

Na^ua,  NH 

The  RF-VT320  is  a  monochrome  text-only  video 
terminal.  The  screen  measures  14”  diagonal  and  is 
flat.  All  electronics  for  the  terminal  are  housed 
within  the  monitor.  The  RF-IK201-XX  ke^xaard  is  used. 
One  ocmm  port  and  one  printer  port  are  available.  The 
terminal  is  set  for  120  or  240  volt  operation  at  the 
factory  by  a  jxmper  wire.  50  or  60  Hz  pcwer  can  be 
used. 

Options; 

RF-VT320-A2;  120  Volt,  with  attached  power  Cord,  No 
keiixjard 

RF-VT320-A3 ;  240  Volt,  with  no  power  cord,  no  kei^xjard 
RF-Vt320-AA;  RF-VT320-A2  with  RF-LK201-AA,  USA  keycaps 
RF-VT320-DA;  RF-Vt320-A2  with  RF-IK201-BA,  USA/WPS 
keycaps 

RF-VT320-AB;  RF-VT320-A3  with  RF-IiQOl-AA,  USA  keycaps 
RF-VT320-DB;  RF-Vr320-A3  with  RF-IK201-BA,  USVWPS 
keycaps 
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Terminal  UNISYS  Corp.  T3560-23 

Salt  Lake  Cit^f  UT 

T3560-23  UTS  2CX:  Console 
Special  Features: 
keylock 
power  simply 
video  display  unit 
RS-232-C  asynchroncus  interface 
hi^-speed  host  ocraraunications  interface 
F5188-00  EMC  modification  to  video  display 
F3392-03  Central  processing  unit 
F5186-00  EMC  modification  to  CEU 
F3761-00  Clocl^calendar 

F5187-00  EMC  modification  to  clock/calendar 
F5190-00  EMC  program  cartridge  for  UTS  20C 
F3972-01  Memory  allocator  PCM 
F5131-02  EMC  ke^iDoard 
C3395-XX  Voltage  selection 

One  of  the  following  EMC  power  cord  selections: 
C5181-00  60  Hz,  NEMA  5-15P 

C5181-01  50  Hz,  SEV  1011 

C5181-02  50  Hz,  lEX:  83/C5 

C5181-03  50  Hz,  B31363:1967 

C5181-06  60  Hz,  NEMA  6-15P 

Options: 

F3574-01  Tilt/swivel  base 

Iterminal  UNISYS  COrp.  T3622-99 

Salt  Lake  City,  UT 
SVT  1140  Video  Terminal 
Special  Features 

Casework  with  a  tilt-swivel  base 
CRT 

central  processing  unit 
power  supply 
24kB  of  RAM 

two  RS-232-C  asynchronous  interfaces 
one  synchronous  cx3inraunications  interface  (Uniscope) . 
Required  features: 

F5131-99  EMC  SVT  1140  keyboard 
C5181-XX  EMC  power  cord  selection 

Workstation  Datawatch  Corp.  DATAWATCH  386/16 

Wilmington,  MA 

The  X86  series  of  TEMPEST  workstations  are  stand-alone 
lEM-compatible  personal  ocmputers.  They  can  also 
function  as  remote  terminals  to  a  host  ccmputer,  and 
as  workstations  on  a  local  area  network.  They  are 
available  with  either  80286  or  80386  16MHz  micro- 


Equipment  Category 


Model 

Number 


Manufacturer 
Cit7,  State 
Description 

(Continued)  DAIAWATCH  386/16 

processors  and  i;?)  to  16MB  RAM.  Ihe  DW386/16  standard 
configuration  of  the  DAIAWATCH  X86  TEMPEST  Workstation 
ccamprises  2MB  of  RAM  on  the  mothertxjard,  one  serial 
and  one  parallel  interface. 

Options: 

OPrX86-01-A01  VGA  Display  Adapter 

OPrX86-02-A01  Monochrome  Display  Adapter 

OPrX86-03-B01  Logitech  Bus  Mouse 

OPrX86— 05— AOl  Western  Digital  Ethernet  Interface 

OPrX86-05-A04  ESccelan  205T  Ethernet  Adapter  (Ihick 
Net) 

OPrX86-05-A05  Excklan  205T  Ethernet  Adapter  (Thin 
Net) 

OPTX86-06-A01  Excelan  EXOS  205E  Ethernet  Interface 

OPrX86-07-A01  Datawatch  Dual-Serial,  1  Parallel 

Port(s)  Adapter 

OPTX86-08-A01  3270  Synchronous  Interface 

OPrX86-09-A01  360kB  5.25”  Flc^y  Disk  Drive 

OPTX86-09-A02  1.2MB  5.25”  Floppy  Disk  Drive 

OPTX86-09-A03  1.44MB  3.5”  Flcppy  Disk  Drive 

OPrX86-ll-A01  20MB  Hard  Disk  Drive 

OPrX86-ll-A02  40MB  Hard  Disk  Drive 

OPrX86-ll-A03  70MB  Hard  Disk  Drive 

OPIX86-12-A01  115MB  Hard  Disk  Drive 

OPrX86-12-A02  160MB  Hard  Disk  Drive 

OPrX86-14-B01  60MB  Streaming  Tape  Drive  and  Controller 

OPTX86-15-AXX  101/2  Key  Enhanced  Ke^ixard 

OPTX86-22-A01  8  Port  Intelligent  Serial  Adapter 

OPTX86-22-A02  4  Port  Intelligent  Serial  Adapter 

PCB286-102-A02  Fast  1:1  Interleave,  ST506  Disk 

Controller 

FAWM14-01-A01  Datawatch  WM14  14”  MoiTOchrome 

Monitor 

FACM14-01-A01  Datawatch  CM14  14”  Color  Monitor 

FAVM14-00-A01  Datawatch  VM14  14”  VGA  Color  Monitor 

Workstation  Datawatch  Corp.  DW286/16-ST506 

Wilmington,  MA 

The  EW286/16-ST506  configuration  of  the  Datawatch  X86 
TEMPEST  Workstation  is  a  hi^-performance  IBM  AT  com¬ 
patible  personal  ccmputer  built  around  a  16  MHz,  zero 
wait-state,  80286  micrcprocessor. 

Options: 

IC-80287-10  Numeric  Coprocessor 

OPTX86-01-001  VGA  Display  Adapter 

OPTX86— 02— 001  Monochrome  Di^lay  Adapter 

OFTX86-03-001  Logitech  Bus  Mouse 

OPIX86-05-001  Western  Digital  Ethernet  Interface 
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(Continued)  EW286/16-ST506 

OPrX86-05-A04  Excelan  205T  Ethernet  Adapter  (Thick 
Net) 

OPrX86-05-A05  Excelan  205T  Ethernet  Adapter  (Thin 
Net) 

OPrX86-06-A01  Datawatch  IXial-Serial ,  1  Parallel 
Port(s)  Adapter 

oprx86-07-001  3278/3279  COax  Interface 

OPrX86-08-001  3270  Synchronous  Interface 

OPrX86-09-A01  360kB  5.25"  Flc^py  Disk  Drive 

OPrX86-09-A02  1.2MB  5.25"  Flc^py  Disk  Drive 

OPrX86-09-A03  1.44MB  3.5"  Flc^^  Disk  Drive 

OPIX86-10-001  ST506  Disk  Controller 

OPrX86-ll-A01  20MB  Hard  Disk  Drive 

OPrX86-ll-A02  40MB  Hard  Disk  Drive 

OPrX86-ll-A03  70MB  Hard  Disk  Drive 

OPIX86-12-A01  115MB  Hard  Disk  Drive 

OPrX86-12-A02  160MB  Hard  Disk  Drive 

oprx86-14-001  60MB  Streaming  Tape  Drive  and  Controller 

OPrX86-15-001  101-Key  Enhanced  Keyboard 

FAWM14-01-A01  Datawatch  WM14  14"  Monochrame  Monitor 
FACM14-01-A01  Datawatch  CM14  14"  Color  Monitor 
FAVM14-00-A01  Datawatch  'VM14  14"  VGA  Color  Monitor 

Workstation  Digital  Equipment  Corp.  RF-PVOIX-XX 

Na^ua,  NH 

The  TEMPEST  VAXstation  3100  is  a  graphics  workstation. 
The  basic  configuration  consists  of  the  CEU,  Keyboard, 
MDUse,  and  Monochroame  Monitor.  The  model  number 
variations  consist  of  additional  editions  including 
diskette,  tape  drive,  color  monitor,  increased  memory 
and  a  choice  of  VMS  or  Ultrix  eperating  system 
software. 

RF-PVOIO-BC  Diskless,  19"  Mono.,  EF-IK201,  Mouse, 

VMS  120V 

RF-EVOIO-K)  Diskless,  19"  Mono.,  EF-IK201,  Mouse, 

VMS  240V 

RF-PVOIO-JC  Diskless,  19"  Mono. ,  RF-LK201,  Mouse, 
Ultrix  120V 

RF-PVOIO-JD  Diskless,  19"  Mono.,  RF-LK201,  Mouse, 
Ultrix  240V 

RF-PVOIO-BW  Diskless,  19"  Color,  RF-LK201,  Mouse, 

VMS  120V 

RF-PVOIO-BY  Diskless,  19"  Color,  RF-IK201, 

VMS  240V 

RF-PVOIO-JW  Diskless,  19"  Color,  RF-LK201,  Mouse, 
Ultrix  120V 

RF-PVOIO-OY  Diskless,  19"  Color,  RF-LK201,  Mouse, 

Ultrix  240V 
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(Continued)  RF-PVOIX-XX 

RF-PVOll-BC  RX23,  19"  Mono.,  RF-IK201,  Mouse,  VMS 
120V 

RF-rVOll-BD  EX23,  19"  Mono.,  RF-IiC201,  Mouse,  VMS 
240V 

RF-PVOll-JC  RX23,  19"  Mono.,  RF-IiQOl,  Mouse, 
Ultrix  120V 

RF-JVOll-JD  RX23,  19"  Mono.,  RF-IK201,  Mouse, 
Ultrix  240V 

RF-PVOll-BW  RX23,  19"  Color,  RF-IiC201,  Mouse,  VMS 
120V 

RF-PVOll-BY  RX23,  19"  Color,  RF-IK201,  Mouse  VMS 
240V 

RF-FVOll-OW  RX23,  19"  Color,  RF-IIQOI,  Mouse, 
Ultrix  120V 

RF-PVOll-JY  RX23,  19"  Color,  RF-LK201,  Mouse, 
Ultrix  240V 

RF-IV012-BC  TZ30,  19"  Mono.,  RF-LK201,  Mouse, 
Ultrix  240V 

RF-PV012-BD  TZ30,  19"  Ifono. ,  RF-LK201,  Mouse,  VMS 
240V 

RF-PV012-JC  TZ30,  19"  Mono.,  RF-LK201,  Mouse, 
Ultrix  120V 

RF-P7012-JD  TZ30,  19"  Mono.,  RF-LK201,  Mouse, 

Ultrix  240V 

RF-FV012-BW  TZ30,  19"  Color,  RF-IK201,  Movise,  VMS 
120V 

RF-PV012-BY  TZ30,  19"  Color,  RF-nC201,  Mouse,  VMS 
240V 

RF-PV012-JW  TZ30,  19"  Color,  RF-I1C201,  Mouse, 
Ultrix  120V 

RF-PV012-JY  TZ30,  19"  Color,  RF-IK201,  Mouse, 
Ultrix  240V 

Any  of  the  24  options  above  can  be  ordered  with  or 
without  the  following: 

RF-RZ55-FA  300MB  Hard  Disk  (Sidecar) ,  120V 

RF-RZ55-F3  300MB  Hard  Disk  (Sidecar) ,  240V 

Workstation  Wang  Labs,  Inc.  4230-OA-^ 

Lcwell,  MA 

64K  OIS/Alliance  Data  Processing/Word  Processing  Work¬ 
station 

Special  Features: 

l^jgradeable  to  PC-XCx-3T  series  professional 

coaipaters  &  XAPC-SxT  series  advanced  professional 
ccmputers 

Accredited  in  multiple  language  character  set 
versions  in  addition  to  the  standard  versions 
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(Continued)  4230-QA-T 

Available  with  keylock  option  configurations: 
4230-KL-T  -  Field  l^jgrade 
4230-QA-Iir  -  Factory  Installed 

Workstation  Wang  Labs,  Inc.  4230~VS~T 

lowell,  MA 

64K  VS  Data  Processing/Wbrd  Processing  Workstation 
Special  Features: 

l^jgradeable  to  PC-XCx-3T  series  professional 

conputers  &  XAPC-SxT  series  advanced  professional 
ccatputers 

Accredited  in  multiple  language  character  set 
versions  in  addition  to  the  standard  versions 
Available  with  keylock  option  configurations: 
4230-KLf-T  -  Field  Ipgrade 
4230-VS-Lr  -  Factory  Installed 

Workstation  Wang  Labs,  Inc.  4230TC-^ 

Lcwell,  MA 

64K  CIS  Telecceooraunications  Workstation 
Special  Features: 

l^jgradeable  to  PC-XCX-3T  series  professional 

corputers  &  XAPC-SxT  series  advanced  professional 
cxxiputers 

Accredited  in  multiple  language  character  set 
versions  in  addition  to  the  standard  versions 
Available  with  keylock  cption  configurations: 
4230-KL-T  -  Field  Ipgrade 
4230TC-Lr  -  Factory  Installed 

Workstation  Wang  Labs,  Inc.  7501-QA-<r 

Lcwell,  MA 

OIS/Alliance  Archiving  Workstation 
Special  Features: 

128kB  Local  Ccsnraunications  cation 
single  diskette  drive 
monitor 
keyboard 

Upgradeable  to  PC-XCX-3T  series  professional 
conputers. 

Accredited  in  multiple  language  character  set 
versions  in  addition  to  the  standard  versions 

Wang  labs,  Inc.  7501-VS-T 

Lcwell,  MA 

VS  Ardhiving  Workstation 
Special  Features: 

128kB  Local  Ocraraunications  option 


Workstation 
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(Continued)  7501-VS-T 

single  diskette  drive 
Monitor 
Ke^ixard 

Hjgradeable  to  PC-XQC-3T  series  ^)rofessional 
computers 

Accredited  in  multiple  language  character  set 
versions  in  additic^  to  the  standard  versions 

Wang  Labs,  Inc.  APC-IWST 

Lowell,  MA 

Integrated  Workstation 
Special  Features: 

Base 

Reitoard 

Monochrome  Monitor  (75PC-IM04T) 

AFM 

25-foot  cable 

Character/graphics/IBM  emulator  (OGI)  card  (APC-mosT) 
Monochrome  Monitor  Card  (75PC-IM01T) 
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Plotter,  Cjolor  Intematiaial  Tech.  Oorp.  ITC  lOT 

McLean,  VA 
Color  Plotter 
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dty.  State  MUDiber 

Description 

Tim^lex,  Inc.  TIM-IilNK  T1 

Woodcliff  Late,  NJ 

Facilities  management  systems.  Models  TIM  1601/1602 
and  TIM  1603  Ultra  widd^and  time  division  multiplexer 
facility  vAiich  stjiports  voice,  data  and  ocmpressed 
video  transmission 
EiATE  SUSPENDED:  01/01/92 
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GET  corp.  DSP-14B 

Minneapolis,  MN 
14"  Video  Monitor 

DROPPED  DATE:  07/03/91 
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Computer,  Personal 


Coitputer,  Personal 


Computer,  Personal 


Manufeicturer  Model 

City,  State  Number 

Descripti«i 

C.  R.  IntematiOTial,  Inc.  IW2  500/12T 

Beltsville,  MD 

Personal  Computer  with  80286  micrcprocessor,  512kB  to 
4MB  RAM  expansion,  40MB  Removable  Fixed  Disk  Drive,  1.2MB 
Flexible  5-1/4”  Disk  Drive,  Monoohrome  Alphanumeric 
Display,  an  OFIS  Link  Keitoard,  with  optional  Uniscope 
Comnnunications  Card. 

No  longer  in  production. 

DROPPED  DATE:  10/01/91 

Candes  Systems,  Inc.  TPI-863-T 

Harleysville,  PA 

Kei^soard,  ffouse,  two  RS422/232  Serial  Interfaces, 

SCSI  Parallel  Interface,  and  two  800kB  Floppy  Disk 
Drives  (OEM  Macintosh) 

Option: 

891-320T  Hard  Drive  Remote 
(No  Longer  in  Production) 

DROPPED  DATE:  07/01/91 

International  Tech.  Corp.  ITC  PC-AT-T 

McLean,  VA 

Stand  Alone  Personal  Ccmputer  with  eight  expansion 

slots,  512kB  memory  and  keihoard 

Options: 

rrc  Ethernet  IAN  interface  card 
8  expansion  slots 
256kB  memory 

rrc  PC-HC-1,  1.2MB  hi^  capacity  floppy  drive 
ITC-PC-MDl,  monochrome  di^lay 

ITC  PC-HMP-1,  monochrome  di^lay  adapter  with  parallel 
comiraunications  port 

ITC  PC-DA-5,  drive  adapter  card  with  fixed  disk  & 
diskette  capability 

ITC  PC-SP-2,  2  serial/parallel  ccmiraunications  adapter 
ITC  PC-4C-2,  math  coprocessor  card 
ITC  PC-ME-1  thru  4  (4) ,  512kB  memory  expansion  card 
ITC-^Iouse-T,  Mouse 

ITC  PC-RW-IOT,  10MB  removeable  cartridge  drive 
rrc  PC-EMGA-T,  Enhanced  Monochrcme/Grafhics  Display 
Adapter  Card 

rrc-PC-RFI>120T,  120MB  Removable  Fixed  Drive  (PC-AT-T 
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(Continued)  ITC  PC-AT^C 

Plug-in) 

ITC-PC-DA-6,  nrc  rigid  dis^/diskette  drive  adapter  card 
rrc-Mns-20T,  ins  20  terminal  emulator  card 
rrc-PC-ECD-T,  enhanced  color/graphics  display  ^stem 
ccnprised  of  the  ITC-PC-ECD-T  enhanced  di^lay  monitor, 
nc-PC-EOGA-T  ad^jter  card,  &  ITC-PC-EOGA-ME-n'  extended 
msDoory  card 

ITC-PC-60AT-T,  Integrated  T^je  Bacdop  Unit 
ITC-PC-RFD2-30T,  Two  ITC-PC-RFD-30T  removable  disk 
drives  (Oonponents:  ITC-PC-RFD-30T(2X)  30MB  removable 
rigid  disk  drive,  ITC-PC-DAr6  DTC  rigid  disk/diskette 
drive  ad^iter  card) 

rrc-PC-RED-30T,  Removable  disk  drive  (Ccarponents: 
ITC-PCDA.-6  Die  rigid  disVdiskette  drive  adapter  card) 
ITC-PC-AT,  Multifunction  2-T  AST  Advantage  Multi¬ 
function  adapter 

rrc-PC-VEGA-T,  Enhanced  color  graphics  adapter  with 
256kB  of  RAM  (OEM  Video  7  Inc.) 

(No  Longer  in  Production) 

DBDFEED  DATE:  07/01/91 

International  Tech.  Corp.  ITC  PC-XT-T 

McLean,  VA 

Stand  alcaie  personal  ccenputer  with  8  expansion  slots, 
256kB  memory,  and  ke^^oard. 

Options: 

nc-PC-^l,  Monochreme  Di^lay 
rre  BIHERNET  LAN,  interface  card 
rrc-PC-^l,  Monochrome  Di^lay  with  printer  adapter 
rrc-PC-Gl  or  G2,  Monochrome  gr^hics  card  with 
parallel  port 

PTC  ITC-PC-MF-3,  Multifunction  card,  RTC,  (1)  a^nc, 
parallel  port 

rrC-PC-Ml  throu^  M6,  64Kb  throu^  384KB  memory 
ejpansion 

ITC-PC-MC,  Math  ccprocessor 

rrc-PC-IU-l,  Programmable  ocram  controller 

rrC-PC-HFl  and  HF2,  1/2-hei^t  360kB  Floppy  disk 

rrc-PC-DA-4,  DA-3,  &  DA-1,  floppy  adapters 

rrc-PC-Al  or  A2,  async  oemm  port 

rrc-PC-Fl  and  F2,  full-height  360kB  floppy  disk 

rrc-PC-RWl  or  RM2,  aiB  removable  Winchester  disk 

ITC-PC-FW-1,  IQMB  Hard  Drive 

ITC-PC-DA-2,  Flcppy  adapter 

ITC-PC-M-7,  Memory  Expansion 

ITC-PC-^-4,  Multifuncticai  Card 

RTC,  2  Async  Parallel  Ports 

rre-Mouse-T,  Mouse 

TTC-PC-EMD-T,  enhanced  monochrome/graphics  di^lay 
system  (Components:  ITC-PC-EMGA-T  enhanced  monochrome/ 
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(Ccaitinued)  ITC  PC-XT-T 

graphics  display  adapter,  ITC-PC-MDl  display) 
nc  1210C-T,  Disk  drive  ccaitroller  card 
rrc-PC-ECD-T,  Enhanced  color/gr^Mcs  display  system 
nc-PC-IEM-T  327X,  Tenninal  Emulator 
(No  Longer  in  Production) 

DROPPED  DATE:  01/01/91 


Mit^  Systems,  Inc.  T5240 

Sterling,  VA 

J^le  Macinto^  SE  Personal  Ccmputer  with  dual 
SOOkB  3.5”  flc^ipy  drives,  OMB  of  PAM  with  up  to  4MB 
RAM  cptional,  RS-422  ^jpleTalk  Port,  PS-232  Port, 
Mouse,  Extended  Re^xard,  and  Monochrome  Monitor. 
Basic  lAiit: 


Logic  Board 

Pcwer  Analog  Board 

SOOkB  Saiy  Flcppy  Drives 

Apple  Extended  Reitoard 

Mouse 

CRT 


630-4125 

630-0147 

MFD-51W-03 

'IW-9894V-0 

W-2594V-0 

Clinton  YR-100,  lype  90912, 
159-0019-D 


Hard  Disk 

Miniscribe  20MB  8425S 

Quantum  40MB  940-40-9401-0023 

(No  Longer  in  Production) 

DROPPED  DATE:  04/01/91 


Mitek  Systems,  Inc.  T5270 

Sterling,  VA 

Macintosh  II  incl\jding  up  to  SMB  of  memory,  two  SOOkB 
3.5”  diskette  drives,  40MB  removable  hard  drive. 
Appletalk  Port,  RS-232  Port,  i^le  Extended  Ke^ooard, 
J^le  Desktcp  Mouse,  includes  IMMU  for  support  of 
Options: 

80MB  Removable  Hard  Disk  instead  of  40MB 
Monochrcrae  Video  Card  with  12”  Hi(^  Resolution 
Monochrome  Monitor 

Spectrum  Color  Video  Card  with  ARC  Model  T5119-3 
Color  Monitor 

Color  Video  Card  with  13”  Hi^  Resolution  Color 
Monitor 

MS-DOS  Option  with  MAC  286  Processor/Memory  PCBs 
and  5-1/4”  Flqfpy  Disk  Drive 
30CM  Etherlink  N/B  Network  Card  utilizes  only  the 
15-pin  ”D”  output 
External  SCSI  Port 
Extemed  80MB  SCSI  Hard  Disk  Drive 
T5271  LaserWriter  IINT  with  ;^leTalk  Port  Connection 
to  the  T5270 
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Manufacturer 
City,  State 
Desddption 

(Continued)  T5270 

MacViJdng  Video  Board 
Moniterm  Monitor 
(No  Longer  in  Production) 

DROPEED  DATE:  04/01/91 

Cortpiter,  Personal  TEMPEST  Tech. ,  Inc.  (T2I)  XTRA  286TX 

Herndon,  VA 

Personal  Ccraputer  with  80286  microprocessor,  8/10  Mhz 
Motherboard,  640kB  RAM,  Enhanced  Graphics  Adapter, 

14”  Multisync  Color  Monitor,  1  Centronics  Parallel  Interface 
Port,  1  Serial  (RS-232)  Interface  Port,  110/220  VAC 
factory  selectable 

(OEM  -  Alcatel  Information  Systems:  m  XTRA  286  AIW) 
Standard  Features: 

TX-KBlOl  lOlAT  Style  Keifxjard 

TX-40MB  40MB  Removable  Half  Hei^t  Hard  Disk  Drive 
TX-5.25F  1.2MB  5-1/4”  Floppy  Disk 

TX-EX3VC  Multisync  Graphics  Monitor/Color 
(EX3!/mode)  640  x  380  Pixels 
110/220V  Factory  Selectable 

Options: 

TX-KB102  102  Style  Extended  Kei^soard 
TX-72MB  72MB  Removable  Hard  Disk  Drive 
TX-000841  Hard  Disk  Ccxitroller 
TX-3.50F  1.44MB  3-1/2”  Floppy  Disk 

TX-2MB  2MB  RAM  Memory  l^jgrade 

TX-80287  80287  Math  Co-Processor 

TX-6000T  External  Data  Conversion  System  with 
one  each: 

1.2MB  8”  Drive 
1.2MB  5-1/4”  (96TPI)  Drive 
360kB  5-1/4”  (48TPI)  Drive 
1.24MB/800kB  3-1/2”  (135TPI)  Drive 
TX-2000T  Internal  Data  Conversion  System 
occipying  one  half-hei^it  slot  in 
the  XI^286  TX  with  one  of  the 
following  drives: 

1.2MB  5-1/4”  (96TPI)  Drive 
360kB  5-1/4”  (48TPI)  Drive 
DROPPED  DATE:  OyOl/92 

Disk  Drive  GRiD  Systems  Corp.  2107 

Fremcait,  CA 
Portable  Floppy  Disk 
(No  Longer  in  Production) 

ESROPPED  DATE:  07/01/91 

Di^lay  lEM  Corp.  3278RC  Model  2 

Durham,  NC 

RPQ  8K1069  CRT  Display  Station  1920  character  buffer 
DROPPED  DATE:  10/01/91 
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Equipment  Category 


Facsimile 


Interface,  Fiber  Optic 


Interface,  Fiber  Optic 


Modem 


Manufacturer 
city.  State 
Description 

Time  and  Space  Proc.  Inc.  9100 

Sunnyvale,  CA 

Ihe  TSP  Easy-Fax,  Model  9100  is  a  small,  li^t- 
wei^t,  portable,  half-dtplex  facsimile  unit  vMch 
communicates  with  distant  staticais  over  a  ^gital 
telephone  network.  User  selectable  built-in  inter¬ 
faces  are  RS232,  RS423,  MIIr-sn>-188-114,  and  MIL- 
SlD-188-100.  Transmission  rate  is  from  2400  to 
9600  l^.  Scaraiing  method  is  direct  contact  sensor. 
Conpression  scheme  is  modified  Iftiffijaan,  modified  READ. 
Resolution  is  standard:  203  pels/in  x  98  lines/in  or 
detail:  203  pel/in  x  196  lines/in.  Liquid  crystal 
di^lay  16-character  x  2-row  eilphanumeric  di^lay  for 
cperator  and  maintenance  guidance  such  as:  machine 
status,  error  message,  transmissioiVrec^tion  results, 
configuration  set— ip,  time  and  date.  Features  are 
automatic  contrast  control,  unattended  receiver  mode, 
clocVcals^^ar  di^lay,  convenience  copy,  voice 
request,  security  check,  and  diagnostics.  Dimensions 
of  Fax  are  13.2"  W  x  12.3"  D  x  7.1"  H.  Electrical  is 
120  VAC  50/60  Hz 
(No  Lcaiger  in  Production) 

DROPPED  DATE:  07/01/91 

Optical  Data  Systems,  Inc.  ODS  108-M,  108-F 

Richardson,  TX 

Fiber  Optic  232/188  Line  Driver  with  Interface 
Conversion 

ODS  108-M  Male  DB25  Connector 

ODS  108-F  Female  DB25  Connector 

DROPPED  DATE:  01/01/92 

Optical  Data  Systems,  Inc.  ODS  235 

Richardson,  TX 

Opticcil  Ethernet  Interface  forms  a  100%  optical 
ethemet  vhen  used  with  ODS  240  or  ODS  241.  When 
used  with  ODS  234-F  forms  an  Ethemet  Transceiver  Drop 
Cable  Replacement 

DROPPED  DATE:  01/01/92 

FiberOcm,  Inc.  TEM-9600 

Roanoke,  VA 
Fiber  Optic  Data  Modem 
(No  longer  in  Production) 

DROPPED  DATE:  04/01/91 


Model 

Number 
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Equipment  Category 


Model 

Number 


Modem 


Miltiplexer 


Multiplexer 


Network 


Network 


Manufacturer 
City,  State 
Description 

optical  Data  Sj^tems,  Inc.  CDS  411 

Richardson,  TX 

The  CDS  411  Modem  is  an  interface  device  vftiich  con¬ 
verts  an  lEM  3173^327X  signal  into  a  fiber  optic  sig¬ 
nal.  Ihe  vuiit  allows  the  viser  to  replace  the  RC62  A/U 
coax  cables  that  normally  connect  such  units,  with 
fiber  optic  cables.  Ihe  unit  can  be  used  at  both  re¬ 
mote  and  controller  locations.  Ihe  unit  can  be  used  to 
complete  the  connectiori  to  the  CDS  817,  32-channel 
light  output  IBM  327X  MUDTIPEEXER.  Ihe  unit  is 
functionally  ccrapatible  with  all  versions  of  IBM  317V 
327X  cluster  controllers  and  type  A  terminals 
DROPPED  DATE:  01/01/92 

Cptical  Data  Systems,  Inc.  ODS  3l4 

Richardson,  TX 

32-channel  asynchronous  RS-232/MIL  188C  Fiber  Optic 
Multiplexer  with  hardware  flow  control,  for  cptical 
cxanmunications  between  termincils,  cxmputers,  data 
switches,  printer,  and  plotters 
DROPPED  DATE:  01/01/92 

Optical  Data  Systems,  Inc.  ODS  817 

Richardson,  TX 

32-C3iannel  327X  Fiber  Cptic  lype  A  Multiplexer  with 
fiber  optic  irputs  and  outputs.  Four  each  3299  multi¬ 
plexed  or  32  individual  termincil  data  streams  are 
sipported 

DROPPED  DATE:  01/01/92 

Cptical  Data  Systems,  Inc.  ODS  240 

Richardson,  TX 

Ethernet  16  Channel,  Fiber  Cptic  Multiport  Transceiver. 
Ihe  16  local  channels  can  be  ary  mixture  of  Ethernet, 
Revision  1,  Revision  2,  tfrr  802.3,  or  thin  wire 
Ethernet.  A  17th  port  is  provided  to  connecrt:  to  a  coax 
baddone  or  another  ODS  240  in  a  tree  structure. 

DROPPED  DATE:  01/01/92 


Xerox  Corp.  8033T/60HZ 

Sunnyvale,  Ck 

8000  Net^rk  System  Model  8033T  File/Ccraimunications 
Server  ccaisisting  of: 


K93  Processor 

M51  42MB  Drive 

M47  Di^lay/ke^xard 

73S80541  Ethernet  Tranceiver 

152S25300  301  and  302  drop  cables 

RS232C  Ocmimunications  capability 

P3S  Memory  Ejqjansion  Kit 

(No  Longer  in  ProcJuction) 

DROPPED  DATE:  04/01/91 
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Equipment  Category 


Network 


Plotter 


Printer 


Printer 


Manufacturer  Model 

city,  state  Mmflaer 

Description 

Xerox  Oorp.  8046T/60HZ 

Sunnyvale,  CA 

8000  Network  System  Mociel  80461  Print  Server 
(See  8044  Printer  Server)  cxaisisting  of: 

M51  42MB  Drive 

P35  Memory  EjqansicHi  Kit 

(No  Irnger  in  Pcociiction) 

DROPEGD  DATE:  OA/01/91 

TEMPEST  Tech. ,  Inc.  (T2I)  WS3200T 

Herndon,  VA 
X-Y  8-pen  plotter 
Special  Features: 

Plots  i;p  to  a  11"  X  17"  eu?ea 
40  ai\/s  maximum  plotting  speed 
1  mm  to  .025  mm  progairmable  st^  size 
accuracy  of  plus  or  minus  .3%  of  deflection 
automatic  pen  ceding  mechanism 

3  built-in,  switch  selectable  command  sets  (DIGIPEDT, 
PEKSCmL  PICTTER,  &  HP-<aj 

case  is  a  shielded  enclosure  with  hinged  lid 
5kB  data  buffer 

RS-232  serial  interface 

No  longer  in  producticxi  moved  to  section  six  of  the 

HTi. 

DROPPED  DATE:  10/01/91 

IBM  Oorp.  IBM  3812 

Durham,  NC 

Bag^rinter  for  use  with  lEM  personcil  conpater  or  host 
system  providing  letter  queility  printing  with  graphics 
configurations  with  the  following  options  and  feature 
codes: 

3812  Pageprinter  (Code  3125) 

With  Shielded  and  Filtered  Six  Meter  (Code  3135) 

24  Meter  (Code  3140) 

RS232C  Cable 

Shielded  and  Filtered  Six  Meter  VM  Attach  Cable  (Code 
3130) 

Shielded  3270  Information  Di^lay  System  Card 
(for  ooaxicil  connection  to  mainframe  host) 

NOTE:  Sharing  Card  (Code  3115)  and  TEMPEST 
Filter  (Code  3125)  are  not  compatible 
DROPPED  DATE:  10/01/91 

TEMPEST  Tech. ,  Inc.  (T2I)  IPF5600 

Herndon,  VA 
Printronix  P600 
Special  Features: 

Dataproducts  or  Centronics  parallel  interfaces 
600  LEM  printer  with  plot  &  graphics  mode 


E^ge  5—77 


Eq^pment  Category 


Model 

Number 


Printer 


Printer,  Daisywheel 


Printer,  Dot  Matrix 


Manuf2u±urer 
city,  state 
Description 

(Continued)  LPF5600 

96  character  ASCII 
Options; 

RS232  interface 
ejqjanded  character  sets 
(No  Longer  in  Producticai) 

DnOPFED  DKEE:  07/01/91 

TEMPEST  Tech. ,  Inc.  (T2I)  LEM5300 

Herndon,  VA 
Printronix  P300 
Special  Features: 

Dataproducts  or  Centronics  parallel  interfaces 
300  LEM  printer  with  plot  &  graphics  mode 
96  character  ASCII 
Options: 

PS232  interface 
expanded  character  sets 
(No  Longer  in  Production) 

DROPPED  DATE:  07/01/91 

TEMPEST  Tech. ,  Inc.  (T2I)  760T 

Herndon,  VA 
Specicil  Features: 

Centronics  &  IBM  rc-catpatible  parallel  interface 
l.SkB  buffer 

115  VAC  +  10%-15%,  50/60  Hz,  switch  selectable 
Options: 

7.5]^  buffer 

bidirectional  forms  tractor 
single  &  di^  bin  sheet  feeder  with  envelope  & 
triple  bin  sheet  feeders 
RS-232C  Serial  Interface 
(No  Longer  In  Production) 

DROPPED  DATE:  04/01/91 

CPT  Corp.  EM  245T 

Minneapolis,  MN 
Dot  Matrix  Printer 
Special  Features: 

180  CPS  Draft 

45  CPS  Near  Letter  Quality 
Graphics 

Friction  and  Tractor  Feed 
PS232  Interface 
Options: 

Parallel  Interface 
Color 

Sheet  Feeders 
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Equipment  Category 


Printer,  Dot  Matrix 


Printer,  Dot  Matrix 


Printer,  Dot  Matrix 


Manufacturer 
city.  State 
Description 

(Continued) 

CX31 
36  lbs 

(No  longer  in  Production) 

DROPPED  DZUCE:  07/01/91 

International  Tecii.  Oorp. 

McLean,  VA 
AMT  color  dot  matrix  printer 
Special  Features: 

Serial  and  parallel  I/O  ports 

Pcint  mode  is  user  selectable  between  draft,  memo  & 
letter  quality 

Graphics  capability 
Options; 

Color  with  sericil  I/O  port  (OEM  model  2001) 

Color  with  parallel  I/O  port  (OEM  model  2002) 
BlacK/White  with  serial  and  parallel  I/O  port 
(OEM  model  2103) 

BlacVWhite  with  serial  I/O  port  (OEM  2101) 
Black/White  with  parallel  I/O  port  (OEM  2102) 

(No  longer  in  Production) 

DROPPED  DATE:  07/01/91 

North  Atlantic  Ind. ,  Inc.  7020T 

Hav^^uge,  NY 

Puggedized  Dot  Matrix  Printer 
Special  Features: 

180  cps  Draft 

75  cps  Near  letter  Oxality 

Graphics  72X72  DPI 

Parallel  Interfaces 

DEC  LA  120,  IA34,  Anadex  9620,  &  9625 

Code  3of9andI2of5Bar  Code 

MIIr-STD-461A,  MIL-ST-810C,  HAEMP/HEGHINING,  E3CIREME 
OPERATING  ENVIRCM1ENT 
Opticxis; 

Graphics  144x144  DPI 
EPSCaJ  MX  and  Diablo  630  Coompatibility 
(No  longer  in  Production) 

DROPPED  DATE:  0 A/01/91 

North  Atlantic  Ind. ,  Inc.  7035T 

Hav?pauge,  NY 
Dot  Matrix  Printer 
215  cps  Draft 
90  cps  Near  letter  Qjality 
45  cps  letter  Quality 
Graphics  144x144  DPI 
RS232  and  Parallel  Interfaces 
DEC  lA  120,  IA34 


Model 

Muoiber 

CM  245T 

rrc  50-T 
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Equipment  Category 


Moael 

number 


Manufacturer 
State 

Description 

(Continued)  7035T 

KEGIS  Graphics 
Anadex  9620  and  9625 
EPSC»I  MX  and  Diablo  630  Comopatibility 
Code  3  of  9  and  Code  I  2  of  5  Bar  Code 
Options: 

4HMDrd  Processing  Fonts 
16kB  PAM  Buffer  and  EARCM 
(No  Longer  in  Production) 

DROPPED  DATE:  04/01/91 

Printer,  Dot  Matrix  North  Atlantic  Ind. ,  Inc.  P5-T 

Har^paioge,  NY 
Dot  Matrix  Printer 
Special  Features: 

Print  Speed:  290  cps-Draft 

100  cps-Letter  Quality 
Ril±on:  Four-color,  Black  and  Multi-strike 
Paper  Width:  3.5  -  16” 

Grc^iiics  Resolution:  360x360  Dots  Per  Inch 
Noise  Level:  53  dBA 

Fonts:  14  Resident  Fcaits  and  11  Cartridges 
Interface:  Centrcxiic  Parallel  and  RS232C 
150  Baud  -19.2kB  Baud 
Printhead:  24  Pin  Dot  Matrix  Inpact 
Power:  115V  50/60  Hz,  230V  50/60  Hz 
(0£M  NEC  Informaticxi  Systems  Inc. ) 

DROPPED  DATE:  01/03/92 

Printer,  Dot  Matrix  TEMPEST  Tech. ,  Inc.  (T2I)  1020T 

Hemdcai,  VA 
Dot  Matrix  Printer 
Special  Features: 

Operator  changeable  interface/personality  cartridge 
(Serial  RS  232C  or  Parallel  Centronics) 

Bidirectional  printing  with  emphasized,  doublestrike, 
espanded,  bold,  ccanpressed,  underscore  and, 
proportional  spacing  inodes. 

Draft  mode  -  200  CPS  at  10  CPI 

(character  formation  9H  x  9V) 

Quality  mode  -  100  CPS  at  10  CPI 

(character  formation  35H  x  9V) 

18  staggered  wire  print  head  array 

Bit  Image  (Graphics)  Format  -  144  DPI  V  by  240  CBIH 

Printii^  modes  10  CPI,  12  CPI 

Vertical  line  spacing  -  3,  4,  or  6  lines  per  inch 
2K  character  buffer 
Pcwer,  115VAC  Domestic 
Options: 

Line  spacing  other  than  above  can  be  determined  by  a 
personality  cartridge  in  1/216  inch  increments. 
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Equipnent  Category 


Printer,  Dot  Matrix 


Printer,  Dot  Matrix 


Manufacturer  Model 

city/  state  Nunoiber 

Description 

(Continued)  1020T 

Perscaiality/Interfaoe  Cartridges 
lEM  Color  GrEqphics  Printer/Par^lel 
lEM  Color  Qre^iiics  Printer/Serial 
Genicm  -  Ansi/Parallel 
Geniccm  -  Ansi/Serial 
Ipson  EVJX  Serial 
Epson  FVJX  Paraillel 
Font  Cartridges 
Courier 
Courier  Italic 
Gothic 

Prestige  Elite 

OCR-A 

OCR-B 

Orator 

Micro-Gothic 

8K  character  buffer  expansicai 
Color  Ribbon  Kit 
Power,  200VAC  International 
DROFEED  DATE:  01/01/92 

TEMPEST  Tech.,  Inc.  (T2I)  SIP3184 

Herndon,  VA 
Dot  Matrix  Printer 
Special  Features; 

180  CPS  Draft 

45  CPS  Near  Letter  Quality 
Graphics 

Friction  and  Tractor  Feed 
RS232  Interface 
Cp>tions: 

Parallel  Interface 
Color 

Sheet  Feeders 
OCR 

36  lbs. 

Ruggidized  Dot  Matrix  Printer,  Model  SLP3184-3R 
(OEM  Geniccm  3184) 

DROPPED  DATE:  01/01/92 

TEMPEST  Tech. ,  Inc.  (T2I)  SIP3304 

Herndon,  VA 
Dot  Matrix  Printer 
Special  Features: 

300  CPS  EDP 
200  CPS  Draft 

100  CPS  Near  Letter  Quality 
Graphics 

Friction  and  Tractor  Feed 
RS232  Interface 
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Equipment  Category 


Model 

Number 


Printer, 


Printer, 


Manufacturer 
City,  State 
Descripti«i 

(Continued)  SIP3304 

Options: 

Parallel  Interface 
Color 

Sheet  Feeders 
OCR 

36  lbs. 

(OEM  Geniccm  3304) 

DROPPED  DATE:  01/01/92 

Dot  Matrix  TEMPEST  Tech.,  Inc.  (T2I)  SLP3404 

Herndon,  VA 
Dot  Matrix  Printer 
Special  Features: 

400  CPS  Draft 

100  CPS  Near  letter  Quality 
Graphics 

Friction  and  Tractor  Feed 
PS232  Interface 
Options: 

Parallel  Interface 
Color 

Sheet  Feeders 
OCR 

36  lbs. 

(OEM  Geniccm  3404) 

DROPPED  DAIE:  01/01/92 

Laser  Hewlett  Packard  Company  HP  33440X-T 

Palo  Alto,  CA 
LaserJet  Series  II 
HP  33440A-T  =  60Hz  110/115  VAC 
HP  33440B-T  =  50Hz  220/240  VAC 
Special  Features: 

8  pages  per  minute 

standard  512kB  memory 

300  dots  per  inch  (half-page) 

Serial  and  parallel  interfaces 
Dual  font 
Options: 

additional  memory  for  full  page  300  dots  per  inch 
graphics 

Multi-i;iser  interface  for  i?)  to  3  simultaneous  lasers 
On-site  servicjeable 
UI/CSVTOV  listed 

001:  1MB  memory  i?jgrade  (l.SMB  total) 

002:  2MB  memory  i^jgrade  (2.5MB  total) 

004:  4MB  mestory  i^jgrade  (4.5MB  total) 

005:  ShareSpool  multi-user  serieil  interface 
DROPPED  DATE:  04/01/91 
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Equipnent  Categoiy 


Model 

Ningber 


Printer/  Laser 


Printer,  Laser 


Printer,  Laser 


Manufacturer 
dty.  State 
Description 

Mit^  Systems,  Inc.  120T 

San  Diego,  CA 

Desktcp  Laser  Printer  (LaserJet  Series  II) 

Model  Number: 

120T  =  50/60HZ  110-115  VAC 

120T-1  =  50/60HZ  220-240  VAC 

Special  Features: 

Engine:  Cannon  IP&-SX 

Print  Speed:  8  pages  per  minute 

Interfaces:  PS-232C,  RS-422,  Parallel 

Paper  Size:  Letter,  Legal,  A4,  Executive,  Envelopes 

Correct  Order  CXitput 

2  fcait  cartridge  slots 

Memory:  512kB,  300  dots  per  inch  half-page  graphics 
Options: 

AdditiOTial  memory  for  full  page  300  (^i  graphics 
with  additional  memory  for  downloadable  fonts  &  forms 
Memory  Options: 

400004:  1MB  Additional  Memory  (1.5MB  Total) 

400005:  2MB  Additional  Memory  (2.5MB  Total) 

400006:  4MB  Additicml  Memory  (4.5MB  Total) 

(No  Longer  in  Production) 

DBOPFED  DATE:  04/01/91 

Mitek  Systems,  Inc.  125T 

San  Diego,  CA 

Multi-user  Desktop  Laser  Printer 
Model  Number: 

125T  =  50/60HZ  100-115  VAC 

«=^Tn«a  functions  &  memory  <^ions  as  Mitt's  120T 
Special  Features: 

Interfaces:  3  ea  RS-232C,  Parallel 
Selectable  Serial  I/O  Rates  of  9.6kB  or  19.2kB 
Intelligent  Buffer  Management  and  Printer  Sharing 
(No  Longer  in  Production) 

DROPPED  DATE:  04/01/91 

North  Atlantic  Ind. ,  Inc.  KISS  plus  T 

Hauf^uge,  NY 

Desk-Tcp  TEMPEST  Laser  Printer  (formerly  Laser  8S) 
Special  Features: 

Engine:  Canon  LPB-SX 
Print  Speed:  8ipm 

Printer  Emulations  for  all  models:  Qume  ^rint  11, 
Diablo  630,  Epson  FX-80,  ANSI  X3.64 
Card  20  additions 
lEM  Prc^rinter 
HP  Laserjet  +  (HP-PCL) 

Card  30  additions 
lEM  Proprinter 
HP  LaserJet  +  (HP-PCL) 
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Equipment  Categoiy 


Model 

Muniber 


Manufacturer 
City,  state 
Descriptioi 

(Continued)  KISS  plus  T 

HP  7475A  Plotter  (HEK3L) 

Card  40  additions 
lai  Proprinter 
HP  LaserJet  +  (HP-PCL) 

Tektronix  4010/4014 

Interfaces;  RS232C  and  Centronics  Parallel 
Scanning  Line  Density;  300  DPI 
Memory  Options; 

Card  10-512kB 
Card  20-lMB 
Card  30/40-2.3© 

Fewer;  llOV  +/-10%,  50/60  Hz  or  230V  50  Hz 
Fonts;  14  residait  fonts,  cartridge  loaded  host 
resident-dewn  loaded 
(OEM;  QMS  Inc.) 

(No  Longer  in  ProAKtion) 

DROPPED  DATE:  04/01/91 

Workstation  i^llo  Conpiters,  Inc.  TCN3000 

North  Billerica,  MA 

The  TCN3000  Personal  Workstation  is  cenposed  of  a  CEU 
chassis,  keyboard,  mouse,  color  monitor  and  associated 
controller  board,  one  RS-232C  I/O  and  a  fiber  optic 
Local  Area  Network  Interface.  The  basic  xmit  is 


coitposed  of  the  following; 


i^llo  Part  No. 

CEU  chassis; 

CEU  Board 

K00105 

Ring/Network  Interface  Set 

K00022 

2MB  Memory 

K00021 

Fewer  Supply 

K00097 

KteitxDard 

007121 

Mouse 

P7-3F-AO 

Coaxial  to  Optic  Link  Adapter  (TDID-100) 
Cables; 

10140001 

CEU  Power  Cord  (AIMOR) 

E30174,  LLI9274 

Monitor  Fewer  Cord  (BEIDEN) 

E3462-F,  LL24121 

IAN  Interface  Cable 

E48342,  IR42921 

External  Keihoard  Cable  (Honeywell  Dwg) 

A39006309-001 

External  SIO  Cable  (Honeywell  Dwg) 

A39006784-001 

External  Video  Cable  (Honeywell  D^^) 
Options; 

A39006306-001 

Cartridge  Controller 

K00020 

Cartridge  Tape  Unit 

5945L 

ESDI/Floppy  Controller 

K00106 

380MB  Hard  Disk  Drive 

K00023 

17(MB  Hard  Dii^  Drive 

K00030 

Four  2MB  Expansicxi  Memory  Boards 

K00021 

Color  Ccaitroller  Board 

K00032 

19”  Color  Monitor 

HW  Model 
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Equipment  Category 


Model 

Muniber 


Workstation 


Workstation 


Manufacturer 
city.  State 
DescrLption 

(Continued)  TINSOOO 

No.  3000 

Floppy  Drive  K00035 

05/03/91:  Biis  Product  has  been  moved  to  Section  VI 
(No  Longer  in  Production)  of  the  July  1991  listing  at 
the  request  of  the  ccxrpai^. 

DROPPED  DATE:  07/01/91 

Contel  Federal  Systems,  Inc.  AN/UYQ-47(V) 

^  Vxl  •  /  CA 

Intelligence  Work  Station  (IWS,  also  nomenclatured  as 
2000WS) 

8-bit  I/O  processor 
256kB  RAM 

16-bit  (32016)  processor 
1MB  RAM 

1.2MB  flc^py  di^ 

ducd  buss  backplane  with  buss  e}q)ander 
two  sync/async  ports  (RS232,  MII/-188,  RS-422) 
mouse 
ke^xard 
Options: 

r>iai  Operator  Configuration  with  8-bit  micrcprocessor 
&  256kB  RAM  ejqansion 

16-bit  (80286)  microprocessor  &  3MB  ejqansion 
32  bit  co-processor  &  3MB  RAM  expansion 
Second  ke^xard 

Removable  10MB,  30MB,  or  100MB  Winchester  Disks 
Second  Removable  10  MB,  3(»1B,  or  100MB  Winchester  Disks 
tp  to  4  CRT  monitors  including: 

Gr^hics  19"  display  (1  or  2)  1280x960x4  monochrome 
Gr^hics  19"  display  (1  or  2)  1280x1024x8  color 
13"  EGA  Color 
14"  ^fonochrcmne 
Parallel  Port 
Four  Async  RS-232  Ports 
Ethemet-ccaonpatible  Local  Area  Network 
Second  1.2MB  flc^py  di^ 

3278  Emulator 

Series  3000  -  386  Intelligence  Workstation  with  dual 
operator  capability 
(No  Longer  in  Production) 

DROPPED  DATE:  07/01/91 

Xerox  Corp.  6085T 

Sunnyvale,  CA 

Hi^-Spe^,  single-niser  workstation  designed  for  the 
professional  office  environment.  It  can  be  configured 
as  a  stand-alone  workstation,  remote  workstation,  or 
networked  workstation  connected  to  an  Ethernet  local 
Area  Network  (IAN) .  The  system  inclxides  a  central  high 
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Equipment  Category 


Model 

Number 


Manufacturer 
city,  state 
Description 

(Continued)  6085T ' 

performance  Mesa  processor,  memory,  a  memory 
controller,  a  display  controller,  an  I/O  subsystem,  a 
Perroneil  Computer  Option  and  optional  extemcil 
peripherals.  Ihe  computer  system  consists  of  a 
processor  unit  with  hard  disk,  ke^iDoard,  floppy  disk 
unit,  monochncane  monitor  and  mouse. 

Options: 

10k  -  U.S.  Keyboard 

12k  -  19"  BitHMapped  Monochrome  Display 
15k  -  4QMB  Removable  Rigid  Drive 
16k  -  80  MB  Removable  Rigid  Drive 
17k  -  2.6MB  Memory  E}q)ansicHi  Board 
18k  -  512kB  Memory  Expansion  Kit 
19k  -  360kB  Flcppy  Disk  Drive 
21k  -  PC  Emulator  Board 
22k  -  Control  Store  Memory  Kit 

RS-232-C  Canraunications  Cable  (50-foot)  (152S24160) 
Ethernet  Transceiver  with  Drcp)  Cable  (30-foot) 

40MB  Hard  Disk  Drive 
120V,  60Hz  Power  Sipply 
(No  longer  in  Production) 

DROPPED  DATE:  04/01/91 
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INTRODUCTION  TO 

THE  ENDORSED  TEMPEST  PRODUCTS  LIST 
AND 

THE  POTENTIAL  ENDORSED  TEMPEST  PRODUCTS  LIST 

1.  The  National  Security  Agency  (NSA)  Endorsed  TEMPEST 
Products  List  (ETPL)  is  a  list  of  commercially  developed  and 
produced  TEMPEST  telecommunications  equipment  which  NSA  has 
endorsed,  under  the  auspices  of  the  NSA  Endorsed  TEMPEST 
Products  Program  (ETPP) ,  for  use  by  Government  entities  and 
their  contractors  to  process  classified  U.S.  Government 
information.  NSA  endorsement  is  a  statement  that  the  company 
has  successfully  demonstrated  to  NSA  that  its  product 
complies  with  the  requirements  of  the  National  TEMPEST 
Standard,  NACSIM  5100A,  Compromising  Emanations  Laboratory 
Test  Standard,  Electromagnetic,  dated  1  July  1981,  and  that 
the  company  has  in  place  and  applies  to  the  product,  the 
manufacturing  capability  and  product  assurance  controls 
necessary  to  ensure  the  continued  TEMPEST  integrity  of  the 
product  subsequent  to  endorsement.  In  contrast  to  the 
accreditation  process,  which  relied  almost  exclusively  on 
private  industry-certified  TEMPEST  professionals  to  determine 
product  compliance  with  NACSIM  5100A,  the  ETPP  endorsement 
process  requires  significant  and  active  involvement  by  NSA 
technical  resources  in  the  evaluation  and  post  endorsement 
product  assurance  inspection  processes. 

2.  WARNING  AND  CAVEATS: 

a.  NSA  does  not  make,  by  virtue  of  its  endorsement, 
any  warranty  or  representation,  regarding  the  efficacy  or 
fitness  for  use  of  the  products  contained  in  the  ETPL. 

b.  NSA  endorsement  is  limited  to  the  specific 
product,  manufacturer,  and  configuration  of  the  product 
delineated  on  the  ETPL.  Users  of  equipment  are  cautioned 
that  similar  products  of  other  manufacturers  or  equipment 
deviating  from  the  ETPL  listed  configuration  may  not  meet 
TEMPEST  standards.  Similarly,  equipment/systems 
interconnecting  with  ETPL-listed  equipment  may  not  meet 
TEMPEST  standards.  Users  are  therefore  advised  to  consult 
with  their  TEMPEST  authority  before  processing  classified 
information  on  non-endorsed  equipment/ systems. 

c.  The  ETPL  is  designed  to  assist  U.S.  Government 
buyers  and  users  to  identify  commercially  available  equipment 
which  meet  the  national  TEMPEST  standard  and  to  which 
manufacturers  have  committed  to  satisfying  a  vigorous  product 
assurance  program  for  ensuring  the  TEMPEST  integrity  of  the 
product.  The  ETPL  does  not,  however,  constitute  an  inclusive 
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list  of  products  which  meet  the  national  TEMPEST  standard. 
The  absence  of  a  product  from  this  list  means  one  of  the 
following: 

1)  The  manufacturer  of  the  product  has  not 
submitted  a  product  proposal  for  endorsement  under  the 
auspices  of  the  ETPP. 

2)  The  manufacturer  has  submitted  a  proposal 
but  was  unable  to  satisfy  the  ETPP  eligibility  requirements. 

3)  The  manufacturer  has  submitted  a  product 
proposal  and  is  currently  pursuing  endorsement  under  the 
ETPP. 


4)  The  manufacturer  failed  to  satisfy  the 
requirements  for  endorsement  under  the  ETPP. 

5)  The  manufacturer  initially  satisfied 
endorsement  requirements,  but  product  endorsement  has  since 
been  terminated  due  to  failure  by  the  manufacturer  to 
continue  to  satisfy  post  endorsement  requirements. 

d.  By  the  definitions  provided  in  the  1984  ITP 
Advertising  Guidelines,  the  phrase  "Designed  to  meet  NACSIM 
5100A"  is  to  be  used  to  describe  products  which  will  be 
advertised  as  containing  TEMPEST  control  measures,  but  which 
have  either  not  been  TEMPEST  tested  at  all  or  such  tests  have 
not  been  completed.  Accordingly,  a  product  advertised  as 
"Designed  to  meet  NACSIM  5100A"  may  indicate  that  the  TEMPEST 
characteristics  of  the  product  have  not  been  verified.  Users 
requiring  NACSIM  5100A-compliant  equipment  should  only  use 
products  which  have  been  fully  tested  to  determine  the 
product  meets  the  national  standard. 

e.  EXPORT  CONTROL  NOTE:  TEMPEST  equipment  falls 
under  the  licensing  jurisdiction  of  the  Department  of  State, 
Category  XI  (C) ,  Title  22  of  Federal  Regulations,  Section 
121. 


f.  The  equipment  on  the  ETPL  is  listed  by  the  name 
of  the  company  which  manufactured  the  TEMPEST  version  of  the 
product  and  not  by  the  Original  Equipment  Manufacturer  (OEM) . 

3.  NSA  endorsement  and  placement  of  a  product  on  the 
ETPL  does  not  occur  until  the  Agency  determines  that  a 
company  has  satisfied  all  ETPP  requirements,  including  but 
not  limited  to,  company  submission  and  NSA  approval  of  a 
product  specific  proposal,  which  includes  an  evaluation  of 
the  company's  manufacturing  and  product  assurance 
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capabilities;  company  submission  and  NSA  approval  of  a 
TEMPEST  test  plan;  company  execution  of  the  test  plan  on  a 
production  unit;  company  submission  and  NSA  approval  of 
various  product  assurance  data  deliverables  delineating  the 
company's  manufacturing  processes  and  techniques  for  ensuring 
the  continuing  TEMPEST  integrity  of  the  product. 

4.  In  an  effort  to  assist  U.S.  Government  buyers  and 
users  with  their  procurement  and  budget  planning,  the  Agency 
has  created  a  Potential  Endorsed  TEMPEST  Products  List 
(PETPL) .  Companies  are  eligible  to  have  their  products 
included  on  this  List  upon  satisfying  preliminary  ETPP 
requirements  toward  product  endorsement,  i.e.,  company 
submission  and  agency  approval  of  the  product  test  plan. 

Users  are  warned  that  inclusion  upon  this  list  does  not  in 
any  way  imply  that  the  product  will,  in  fact,  receive 
endorsement.  It  merely  evidences  that  the  company  has 
expressed  intent  to  obtain  endorsement  of  their  product  in 
accordance  with  the  schedule  incorporated  into  the  MOA. 

SCHEDULE  OF  SUBMISSIONS  FOR  ETPL  AND  PETPL  LISTING 


1.  The  ETPL  and  PETPL  are  updated  four  times  yearly 
(January,  April,  July,  and  October).  Only  the  current  issue 
should  be  used.  In  order  to  coordinate  all  the  chapters  in 
the  Information  Systems  Security  Products  and  Services 
Catalogue  (ISSPSC)  with  the  various  organizations  who  publish 
them,  and  in  order  for  the  timely  printing  and  subscription 
distribution  from  the  Government  Printing  Office  of  the 
ISSPSC,  the  Office  of  Acquisition  Support  and  Business 
Development  requests  that  all  Chapters  of  the  ISSPSC  be 
delivered  one  month  prior  to  the  quarterly  printing  month. 

As  a  result,  all  documentation  for  the  next  quarterly 
printing  of  the  ETPL  and  PETPL  must  be  delivered  to  the 
Endorsed  TEMPEST  Products  Program  Management  Office  (PMO)  two 
months  prior  to  the  quarterly  publication  month. 

2.  The  following  is  the  schedule  of  submissions  for  the 
ETPL  and  PETPL: 


ETPP  COMPANIES  MUST 
HAVE  DOCUMENTATION 
TO  PMO  BY: 


PMO  MUST  DELIVER  CATALOGUE 

FINAL  ETPL/PETPL  PUBLISHING 

FOR  ISSPSC  BY:  MONTH: 


1  November 
1  February 
1  May 
1  August 


1  December 
1  March 
1  June 
1  September 


J  anuary 
April 
July 
October 
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OUTLINE  OF  SECTIONS 


1.  The  PETPL  includes  the  name  of  the  company,  model 
number  and  equipment  category  of  the  product  for  which  the 
company  is  seeking  endorsement,  and  company  point  of  contact. 

2.  The  ETPL  consists  of  six  sections: 

a.  Index  (Section  I) :  A  list  of  all  equipment 
included  in  the  ETPL  and  sorted  alphabetically  by  the  TEMPEST 
manufacturer's  name.  A  cross-reference  can  be  made  to  other 
sections  in  the  document  for  additional  information  on  the 
equipment . 

b.  White  Pages  (Section  II) :  A  list  of  endorsed 
products.  Products  are  endorsed  upon  NSA  determination  that 
a  company  has  satisfied  all  ETPP  requirements  initially  and 
continue  to  be  endorsed  as  long  as  they  satisfy  NACSIM  5100A 
and  the  company  complies  with  the  product  assurance  and 
integrity  requirements  of  the  program. 

NOTE:  NSA  does  not  endorse  prototype  units. 

c.  Yellow  Pages  (Section  III) :  A  list  of  products 
containing  confirmed  TEMPEST  deficiencies.  Manufacturers  are 
required  to  resolve  these  deficiencies  in  accordance  with  the 
ETPP  requirements  and  time  frame  (a  period  not  exceeding  six 
months) .  Users  of  products  listed  in  Section  III  are  warned 
that  deficiencies  may  exist  and  should  contact  TEMPEST 
authority  for  specific  guidance  regarding  continued  usage  of 
the  product  for  processing  classified  information.  NSA  has 
initiated  a  TEMPEST  deficiency  alert  program  to  notify 
TEMPEST  authorities,  by  classified  message,  of  the  nature  and 
extent  of  the  deficiency  to  enable  TEMPEST  authorities  to 
provide  users  specific  guidance  regarding  continued  use  of 
the  product.  If  the  TEMPEST  deficiency  is  satisfactorily 
resolved  within  the  allotted  time  frame,  the  product  will  be 
relisted  in  Section  II. 

d.  Blue  Pages  (Section  IV) :  A  list  of  products 
with  ^  suspended  endorsement  pending  product  endorsement 
termination  and  appeal.  Suspension  of  endorsement  means  that 
the  company  cannot  continue  to  advertise  the  product  as  NSA 
endorsed  or  take  any  new  orders  from  U.S.  Government 
departments  and  agencies  which  require  an  NSA  endorsed 
product.  The  company  remains  in  Section  IV  pending  company 
product  endorsement  termination  and  appeal. 

e.  Red  Pages  (Section  V) :  A  list  of  products  whose 
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endorsement  has  been  terminated  because  of  unresolved 
deficiencies  or  failure  to  comply  with  ETPP  procedures  or 
recjuirements .  Users  of  such  products  should  seek  guidance 
from  their  TEMPEST  authority. 

f .  Green  Pages  (Section  VI) ;  A  list  of  products 
for  which  the  company  has  elected  to  permanently  discontinue 
production. 


ADMINISTRATIVE  NOTES 

1.  Once  a  product  is  listed  in  Section  V  or  VI,  it  will 
remain  there  for  one  year,  after  which  it  will  be  deleted 
from  the  ETPL. 

2.  Products  listed  on  the  ETPL  are  included  in  the  NATO 
Recommended  Products  List  (NRPL) .  The  NRPL  is  available  from 
the  Government  Printing  Office  (GPO) . 

3.  Further  information  about  a  product  on  the  list  or 
specific  questions  regarding  the  absence  or  deletion  of  a 
particular  product  should  be  directed  to  the  company  point  of 
contact  provided. 

4.  Companies  desiring  information  concerning  the 
process  for  proposing  the  development  of  candidate  TEMPEST 
products  for  the  ETPL  should  contact: 

Director 

National  Security  Agency 

ATTN:  X5 12/TEMPEST 

Fort  George  G.  Meade,  MD  20755—6000 


JANUARY  1992  ETPL  ANNOUCEMENTS 

Annoucements  will  be  updated  quarterly. 

The  Electronic  Bulletin  Board  System  (EBBS)  formerly 
used  by  the  TEMPEST  Endorsement  Program  Office  for 
communications  between  this  office  and  vendors  has  been 
discontinued.  Any  future  communications  will  be  conducted  in 
vrriting  or  by  telephone.  Consult  the  address  listed  above  in 
Administrative  Notes. 
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Manufac±urer 

Address 


January  1992  Potential  Endorsed  TEMPEST  Produces  List 


Equipment 

Category 


Candes  Systems  Incorporated  Carpiter 

3131  Detweiler  Road  1898T-XX-X 

H^leysville,  PA  19438 


CDraimmication  Systems  Tech.  Inc.  Switch 
9740  Patuxent  Woods  Parkway  CS-1544 
Columbia,  MD  21046 


Cryptek  Secure  Ccaranunicutions,  Inc.  Digital  Facsimile  Trans 
Div  of  General  Kinetics,  Inc.  TS-lOA 

P.  0.  Box  365 
Herndon,  VA  22070 


Datasec  Corporation 
P.  O.  Box  790 
Wilton,  NH  03086 


Display 

DSC-146 


Hetra  Coitputer  &  Ccanmunications  Co8n[puter,  Personal 

Industries,  Inc.  105TL-386/20-IXX 

P.  0.  Box  9000 
Sebastian,  FL  32958 


Monitor,  Color 
4714T 


lEM  Corporation  Option  Package 

System  Integration  Division  4405  Workstation 

P.  O.  Box  3775 

800  North  Frederick  Avenue 

Gaithersburg,  MD  20879 


Intergraph  Corporation  WorkstatioiVFileserver 

2051  Mercator  Drive  6000  Series 

Reston,  VA  22091 


Mitek  Systems,  Inc.  Ccmputer,  Personal 

P.  O.  Box  261004  710TE 

6225  Nancy  Ridge  Drive 
San  Diego,  CA  92121 

Ccnpater,  Personal 
720TE 


Ccnputer,  Personal 
730TE 

Display 

T5319E 


POC 


ATIN:  Daniel  J.  Signore 
215-256-4130 


ATIN:  William  D.  Kight 
301-381-5080 


ATIN:  Neel  J.  Price 
703-478-7140 


ATIN:  Judy  Figlioli 
603-954-9700 


ATTN:  Dan  Wonak 
407-589-7331  214 


ATIN:  Rctoert  J.  Schumm 
301-240-9900 


ATIN:  William  A.  Creech 
703-264-5696 


ATTN:  Glenn  Rit2aiiann 
619-587-9157 
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Manu£ac±urer 

Address 

Mit^  Systems,  Inc. 


Equipouent  kX; 

Category 

Continued 

Facsimile 

SFX2800TE 

Facsimile 

SFX80TE 

Monitor,  Color 
34xTE 


Monitor,  Color 
350TE 


North  Atlantic  Industries,  Inc. 
60  Plant  Avenue 
Hai;^pauge,  NY  11788-3890 

Versitron  Division 
Shielding  Systems  Corporation 
9005-8  Junction  Drive 
Annapolis  Junction,  MD  20701 

Wang  Laboratories,  Inc. 

I^S  013-A2A 

One  Industrial  Avenue 

Lowell,  MA  01851 

Zenitiyinteq,  Inc. 

13860  Redskin  Drive 
Herndon,  VA  22071 


Workstation 

900TE 

Computer,  Personal  ATIN:  Arthur  Freilich 

386T-33E  516-582-6500  251 


Interface,  CcsranunicationsATIN:  Richard  Kelley 
IE0120S  301-497-8600 


Scanner  ATIN:  Don  Gangemi 

YT2-SC300XX-T  508-967-4093 


Conputer,  Personal  ATIN:  Steven  G.  Ferguson 

ZTE-386  703-471-1500 


Personal  Conpater 
ZTE-386 
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Endorsed  TEMPEST  Croduct  List 


Equipment  Categories 
January  1992 


Ccaiputer 
Ccaiputer,  laptop 
Ostrputer,  Personal 
Disk  Drive 
Display 
Display,  Color 
Facsimile 

Interface,  Coraraunications 
IAN,  Fiber  Optic 
Network 

Peripheral  Cabinet 
Printer,  Color  Video 
Printer,  Dot  Matrix 
Printer,  Ink  Jet 
Printer,  Laser 
Scanner 
Scanner,  Color 
Server  Processor 
Tape  Drive 
Terminal 

Terminal/Wbrkstation 

Workstation 
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January  1992  Endorsed  TEMPEST  Eroduc±s  List 
Section  I 

List  of  Equipnents  and  Peripheirals 

Manufacturer 
city.  State 


Equipment  Category  Model 

Number 


Section 


i^llo  Coaipiter,  mcxDrporated 
Subsidiary  of  Hewlett-Packard  Co. 
P.  O.  Box  183 

North  Billerica,  MA  01862 
ATIN;  William  Carson 
508-256-6600  2569 

Candes  Systems  Incorporated 
3131  Detweiler  Road 
Harleysville,  PA  19438 
ATTN:  Daniel  J.  Signore 
215-256-4130 


Dataproducts  New  England,  Inc. 
P.  O.  Box  30 
Wallingford,  CT  06492 
ATIN:  Marilyn  Mar^ 
203-265-7151  224 

Datawatch  Corporation 
P.  O.  Box  847 
Wilmington,  MA  01887 
ATIN:  Alan  MacDougall 
617-932-0550 

Delta  Data  Systems  Corp. 

7175  Columbia  Gateway  Drive 
Colimaibia,  MD  21046 
ATIN:  Robert  Mellott 
301-290-6400 

Digital  Equipsnent  Corporation 
Mail  Stop  MK02-1/K6 
Digital  Way,  P.O.  Box  9501 
Iferrimack,  NH  03054-0430 
ATIN:  Mario  Martinello 
603-884-4375 

FiberCcm,  Incorporated 
P.  O.  Box  11966 
3353  Orange  Avenue,  N.W. 
Roanoke,  VA  24022-1966 
ATIN:  Jack  Freeman 
703-342-6700 


Workstation 


Ccstpiter 

Ccaipiter,  Personal 
Disk  Drive 
Display 
Display,  Color 
Scanner 

Printer,  Dot  Matrix 


Workstation 

Workstation 

Workstation 


Ccxrputer,  Personal 
Conputer,  Personal 
Ccrapiter,  Personal 
Ccxtputer,  Personal 
Display,  Color 

Network 

Server  Processor 
Server  Processor 
Terminal 
Terminal 


LAN,  Fiber  Optic 


TEN3500  II 


1891T-XX 

II 

1896T-XX 

II 

601T-XX 

II 

2319T-XX 

II 

2219T-XX 

II 

895T-XX 

III 

90X0-2T-X 

II 

X86/020 

II 

X86/540X 

II 

X86/550 

II 

8705T 

II 

8715T 

II 

8980T 

II 

TSX-XXX 

II 

EM1490TE 

II 

RF-H4005-XX 

II 

RF-DELNI-XX 

II 

RF-DSRVB-XX 

II 

RF-VT320-XX 

II 

RF-VX120-XX 

II 

7441-XX 

II 
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Manxifacturer 
City,  state 


Eguipnent  Category 


Model 

Number 


Section 


GRiD  Systems  Corporation  CCJiputer,  Laptop  1537E  II 

P.  0.  Box  7896 

Fremont,  CA,  94537-7896 

ATIN:  Patty  Bergquist 

415-226-5249 


Hetra  Ccaxputer  &  Communications 
Industries,  Inc. 

P.  0.  Box  9000 
Sebastian,  FL  32958 
ATIN:  Dan  Wonak 
407-589-7331 


Hewlett-Packard  Ccaipany 
Secure  Products  Operation 
1501  Page  Mill  Road 
Palo  Alto,  CA  94304 
ATIN:  Raymond  Yee 
415-857-7056 


Ccaooputer,  Personal 
Conputer,  Personal 
Ccaiputer,  Personal 
Coirputer,  Personal 
Display 
Display,  Color 
Printer,  Color  Video 
Scanner 

Terminal,  X-Windotra 
Workstation 

Printer,  Laser 
Workstation 


105TL-286/12-1XX  II 
105TL-386/SX-1XX  II 
105TS-286/12-1XX  II 
105TS-386/SX-1XX  II 


4820T  II 
4814T  II 
3443T  II 
93OIT-X  II 
k-130T  II 
RISC-6000/320T  II 

33449X-T  VI 
98588G-T  VI 


ffii^es  Data  Systems  Printer,  Laser  1L03-T 

P.  0.  Box  68019 

Anaheim,  CA  92807 

ATIN:  Scott  Webster 

714-693-5926 


IBM  Corporation  Workstation  4405 

System  Integration  Division 

P.  0.  Box  3775 

800  North  Frederick  Avenue 

Gaithersburg,  MD  20879 

ATIN:  Robert  J.  Schuram 

301-240-9900 


Ilex  Systems,  Ii^.  Facsimile  75OT  II 

1423  Scaith  Milpitas  Boulevard  Facsimile  760T-X  II 

Milpitas,  CA  95035 
ATIN:  Bob  Robinson 
408-945-0294 


International  Technology  Corp.  Ccaiputer,  Personal  ITC  PC  386/33-TE  II 

P.  0.  Box  6250 

McLean,  VA  22106-6250 

ATIN:  David  J.  Bloch 

703-749-1200 
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Maomfacturer 
City,  State 


Equipnent  Category 


Model 

Number 


Section 


Martin  Marietta  Corporation 
P.  O.  Box  1260 
Denver,  00  80201-1260 

ATTN;  Curtis  Brudos 
303-977-0867 

Mit^  Systems,  Inc. 

P.  O.  Box  261004 
6225  Nancy  Ridge  Drive 
San  Diego,  CA  92121 
ATTN:  Glenn  Ritzmann 
619-587-9157 


North  Atlantic  Industries,  Inc. 
60  Plant  Avenue 
Hatppauge,  NY  11788-3890 
ATIN;  Arthur  Freilich 
516-582-6500  251 

SEA,  Inc. 

1401  McCormick  Drive 
Landover,  MD  20785-5396 
ATIN:  P.J.  Mondin 
301-925-9400 

Sun  Microsystems  Federal,  Inc. 
P.  O.  Box  14277 
Fremont,  CA  94539-1577 
ATIN:  Wame  Watson 
408-276-5655 

Tektronix,  Incorporated 
P.  O.  Box  500 
Beaverton,  OR  97077 
ATIN:  Walt  Irwy 
503-685-2720 

Time  &  Space  Processing,  Iix::. 
705  Evelyn  Avenue 
Sunnyvale,  CA  94086 
ATIN:  Neil  Wiseman 
408-730-0200  318 


Workstation  AN/TYQ-37 


Ccnputer,  Personal 

610TE 

Ccnputer,  Personal 

650TE 

Ccnputer,  Personal 

660TE 

Coanputer,  Personal 

T5270ECI 

Ccaiputer,  Personail 

T5270ECX 

Computer,  Personal 

T5300-E 

Interface,  Communications 

SPC-12TE 

Peripheral  Cabinet 

T540IE 

Printer,  Laser 

104TE 

Printer,  Laser 

108TE 

Printer,  Laser 

130TE 

Printer,  Laser 

T527IE 

Printer,  Dot  Matrix 

P24-Te 

Printer,  Ink  Jet 

DeskJet-Te 

Printer,  Laser 

Laser  III-Te 

Printer,  Laser 

Laser  IIP-Te 

Scanner,  Color 

TCS-300 

Tape  Drive 

TGP-802 

Workstation 

3/260  T-E 

Workstation 

4/260  T-E 

Terminal/Workstation  4230T/ 4330T 


Facsimile  9100— X— XX 


VI 


II 

II 

II 

II 

II 

II 

II 

II 

II 

II 

II 

II 


II 

II 

II 


II 

II 


VI 

VI 


V 
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January  1992  Endorsed  TEMPEST  Eroduc±s  list 
Section  II 


Equipment  Category 


Ccaiputer 


Ccaxpiter,  laptop 


Endorsed  Equipments  and  Feriphercils 

Manufacturer  Model  no. 

City,  State 
Description 


Candes  Systems  Incorporated  1891T-XX 

Harleysville,  PA 

Ihe  Model  1891T-XX  is  a  TEMPEST  version  of  an  Apple 
Macintosh  SE-30  Coarpiter  with  a  16MHz  MC68030  CEU, 
built-in  MC68882  Floating  Point  Unit  (FEU) ,  256kB  RCM,  and 
an  internal  1.4MB  hi^-density  3.5  inch  disk  drive, 
located  on  the  rear  of  the  cabinet  are  two  Apple  desktop 
bus  ports,  1  SCSI  port,  2  serial  ports  and  1  stereo  audio 
jack.  The  1891T-XX  includes  a  9"  diagonal  512  x  342  pixel 
monochrcsne  CRT. 

Configured  Options: 


Model 

Basic  Unit  with  Included  Options 

1891T-01 

HD-01  TEMPEST  Internal  44MB 

Removable  Cartridge  Disk 
Drive  (SyQuest  SQ  555) 

Additional  Options: 

KB-01 

TEMPEST  Kei4x)ard  (M3-115) 

MM-01 

1MB  RAM  (4  X  256k  SIMMs) 

MM-02 

2MB  RAM  (dual  4  x  256k  SIMMs) 

MM-03 

4MB  RAM  (4  X  1MB  SIMMs) 

MM-04 

8MB  RAM  (dual  4  X  256k  SIMffe) 

MM-06 

5MB  RAM  (4  X  1MB  SIMMs  and  4  x  256k 
SIM^fe) 

MO-01 

TEMPEST  Mouse  (A9M0331) 

GRiD  Systems  Corporation 

1537E 

Fremont,  CA, 

The  GRIDCASE  1537E  is  a  hi^  performance  laptop  conputer 
featuring  the  80386sx  processor  and  optional  associated 
coprocessor,  ip  to  8MB  of  RAM,  a  removable  hard  drive, 
flcppy  drive,  and  a  broad  range  of  I/O  ports  including  dngi 
serial,  parallel,  SCSI,  VGA  and  external  ke^dDoard.  The 
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Equipment  Category 


Ccarputer,  Personal 


Manufacturer  Model  No. 

City,  State 
Description 

(Continued)  1537E 

GRiDCASE  1537E  utilitizes  an  elec±roluminescent  flat  panel 
for  crisp,  clear  viewing. 

Additional  Options  available  on  QdDCASE  1537E 

357  -  40MB  removable  hard  disk 

358  -  120MB  removable  hard  disk 

Candes  Systems  Incorporated  1896T-XX 

Harleysville,  PA 

Ihe  Model  1896T-XX  is  a  TEMPEST  version  of  an  J^le 
Macinto^  Ilci  Computer  with  a  25MHz  MC68030  CIU, 
built-in  MC68882  Floating  Point  Unit  (FEU) ,  512kB  RCM, 
and  an  internal  1.4MB  hi^-density  3.5  inch  disk  drive. 
Located  an  the  rear  of  the  cabinet  are  2  i^le  Desktop 
Bus  Ports,  1  SCSI  Port,  2  Serial  Ports,  1  Stereo  Audio 
Jack,  and  a  Video  Port. 

Configured  Options: 

Basic  Unit  w/ 

Model  No.  Included  Options 

1896T-00  Unit  as  described  above 

1896T-01  HD-02  Internal  40MB  Removable 

Di^  Drive  (Quantum  40S) 

1896T-06  HD-04  TEMPEST  internal  80MB 

Removable  Disk  Drive  (Quantum 
BOS) 

Additional  Options: 

MO-01  TEMPEST  i^le  Desktcp  Mouse  (A9M0331) 

KB-01  TEMPEST  2^16  Extended  Re^iDO^  (M0115) 

MM-01  1MB  RAM  (4  X  256k  SIMMs) 

MM-02  2MB  RAM  (Dual  4  x  256k  SIMMS) 

MM-03  4MB  RAM  (4  X  1MB  SIMMs) 

MM-04  8MB  RAM  (Dual  4  X  IMB  SIMMs) 

MM-06  5MB  RAM  (4  X  1MB  SIM^fe  and  4  x  256k  SIMMs) 

MM-07  16MB  RAM  (4  X  4MB  SIMMs) 

MM-08  32MB  RAM  (4  X  8MB  SIMIfe) 

VD-02  TEMPEST  i^le  Hi-Res,  Monochrome  Monitor  (M0400) 
RM-01  128kB  Cache  Memory 

VD-03  TEMPEST  l^le  Hi-Res.  RGB  Monitor  (M0401) 
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Equipment  Category 


Mbdel  Nb 


Conputer,  Personal 


Maimfeuirturer 
Cit7,  State 
Description 


Delta  Data  Systems  Corp.  8705T 

Colimibia,  MD 

Ihe  8705T  is  a  PC/AT  Coaipatible  Personal  Coirputer  in  a 
tower  configuration  that  features  an  Intel  80386-25  Mhz 
plug  in  CPU  and  an  ISA  12  slot  passive  backplane  with  8 
16-bit  and  4  8-bit  slots.  The  power  supply  is  110/220 
volt,  220  watt.  Memory  options  offer  ip  to  16MB  system 
manory  directly  on  the  CPU  card  and  vp  to  32  KB  cache. 
The  standard  configuration  offers  a  1.44MB  3.5”  floppy, 
a  1.2MB  5.25”  flc^y,  two  serial  DB9  RS232/MIL188  ports, 
one  parallel  port,  a  ke^hoard  port,  and  five  chambers 
for  mass  storage  devices. 


Configured  Options: 


Model: 


Memory  Options  Included: 


8705T-PC-31 

8705T-PC-32 

8705T-PC-33 

8705T-PC-34 


Basic  Unit  with  4  Mb  Memory 
Basic  Unit  with  8  Mb  Memory 
Basic  Unit  with  1  Mb  Memory 
Basic  Unit  with  16  Mb  Memory 


Options  Available  on  All  Models: 


14”  Monochrome  Monitor 

14”  Tri-Sy^  Color  Monitor 

Mono  Graphics  Adapter  &  Port 

Video  Adapter-  VGA-coitpatible 

1024  X  768  VGA  Display  Adapter 

80387-25  Mhz  Math  Co-processor 

Additional  Serial/Parallel  Adapter  Kit 

101  Key  Enhanced  AT  Keyboard  (USA) 

102  Key  Enhanced  AT  Kei4x)ard  (UK) 

102  Key  Enhanced  AT  Kfeihoard  (German) 

102  Key  Enhanced  AT  Ke^lxard  (French) 

102  Key  Enhanced  AT  Keyboard  (Italian) 

102  Key  Enhanced  AT  Keihoard  (Spanish) 

102  Key  Enhanced  AT  Keihoard  (Swedi^) 

102  Key  Enhanced  AT  Ke^ixard  (Swiss) 

Mouse,  3-Button,  Hi-Res,  RS-232  Serial 
Ethernet  Transceiver 

Ethernet  Controller  Card  (DOS  Ccannpatible) 

1  MB  RAM  Expansion 

4  MB  RAM  Expansion 

Lockit  Security  Device 

Controller,  Ehal  Flcppy/Hard  Disk  (ST-506) 

Controller,  Dual  Flcppy/Hard  Disk  (SCSI) 


EM-1425 

EM-1490TE 

DA-1424 

DA-1426 

DA-1428 

T87-214 

T87-400 

KB-4800A 

KB-4800B 

KB-4800C 

KB-4800D 

KB-4800E 

KB-4800F 

KBt4800G 

KB-4800H 

T87-614 

N84-008 

N87-113 

T336 

T341 

T87-185 

T87-810 

T87-840 


Primary  Drive  Secondary  Drive  Bay  3 


Model 


Page  6-14 


Equipment  Category 


CcHuputer,  Personal 


Meomfactuxer 
city.  State 
Description 

•ntinued) 

1.2M  Flcppy 

1.4M 

Ho(3el  No. 

8705T 

Flcppy  60MB  Tape  Backup 

T87-533 

1.4M  Floppy 

1.2M 

Flcppy  60MB  Tape  Backip 

T87-537 

1.2M  Flcppy 

1.4M 

Flcppy  No  Tape 

T87-540 

1.4M  Flcppy 

1.2M 

Flcppy  No  Tape 

T87-544 

Bay  4 

1.2  GB  Removable  HD  (SCSI) 

T87-160 

80  MB  Removable  HD  (ST-506) 

T87-140 

Bay  4 

60  MB  Rem  HD 

Bay  5 

None 

T87-220 

60  MB  Rem  HD 

60  MB  Rem  HD 

T87-221 

170  MB  Rem  HD 

None 

T87-222 

170  MB  Rem  HD 

170  MB  Rem  HD 

T87-223 

330  MB  Rem  HD 

None 

T87-224 

330  MB  Rem  HD 

330  MB  Rem  HD 

T87-225 

44.5  MB  Cart. 

Drv 

None 

T87-226 

44.5  MB  Cart. 

Drv 

44.5  MB  Cart.  Drv 

T87-227 

60  MB  Rem  HD 

170  MB  Rem  HD 

T87-228 

60  MB  Rem  HD 

330  MB  Rem  HD 

T87-229 

60  MB  Rem  HD 

44.5  MB  Rem  HD 

T87-230 

170  MB  Rem  HD 

330  MB  Rem  HD 

T87-231 

170  MB  Rem  HD 

44.5  MB  Rem  HD 

T87-232 

330  MB  Rem  HD 

44.5  MB  Rem  HD 

T87-233 

Delta  Data  Systems  Corp.  8715T 

Columbia,  MD 

de  8715T  is  a  PC/AT  Coirpatible  32-bit  EISA  Personal 
Ccsiputer  in  a  tower  (configuration.  It  features  a  33Mh2 
Intel  80386  CEU  based  motherboard  with  32-bit  EISA  bus 
teciinology.  Memory  <^tions  offer  vp  to  16MB  system  memory 
directly  on  the  motherboard.  The  standard  (configuration 
offers  a  110/220  Volt  220  watt  power  supply,  serial/parallel 
adapter,  two  serial  RS232/MIL188  ports,  parallel  port, 
ke^toard  port,  itonociircxne  port  with  six  32-bit  EISA  and  two 
16-bit  ISA  ejpansion  slots  for  cptions. 

Options  asvailable  on  the  8715T  include  a  14"  color  monitor 
with  resolutions  of  VGA  to  1024  x  768,  and  19" 
hi^-resolution  color  to  1280  x  1024,  14"  monocchrome 
monitor,  101/102  key  keyboards,  ISA  16-bit  and  EISA  32-bit 
SCSI  host  adapters,  1.2  MB  5.25"  and  1.44MB  3.50"  floppy 
drives,  44.5MB  (cartridge,  60MB,  170MB,  330MB,  760MB,  and 
1.2GB  removable  SCSI  hard  drives,  external  SCSI  port,  SCSI 
tape  back-rp  drive,  quad  asynchronous  serial  port  kit,  3 
button  mouse,  16-bit  and  32-bit  Ethernet  IAN  Adaptep, 
external  transceiver,  and  transceiver  cable  assemblies. 
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fS^iipnent  Category 


Model  No. 


Manufacturer 

State 

Description 

(Continued)  8715T 


Configured  CpticMis: 

Model  Memnory  Cpticxis  Included 

8715T-PC-04  Basic  IMit  with  4MB  Memory 
8715T-PC-08  Basic  Unit  with  8MB  Memory 
8715T-PC-16  Basic  Unit  with  16MB  Memory 

M90-100  80387-33  Mhz  Math  Co-processor 

M90-110  IMB  Memory  l^Dgrade  Kit  (256K  x  9)  80ns 

M90-120  4MB  Memory  l^)grade  Kit  (1MB  x  9)  80ns 

M90-130  220  Volt  Optical 

EM-1425T  14"  Monochrome  Monitor 

CM-1490TE  14"  Tri-Sync  Color  Monitor 
EM-1940T  19"  Hi^  Resolution  Monitor 

V90-100  Mono  Graphics  Adapter  &  Port 
V90-110  1024  X  768  VGA  Display  Adapter  (Interlaced) 

V90-200  1024  X  768  X  256  Adapter  (1Mb  VRAM  &  2  Mb  ORAM) 

V90-210  1280  X  1024  X  256  Adapter  (2Mb  VRAM  &  2  Mb  DRAM) 

V90-220  Memory  l^jgrade  (V90-200  to  V90-210) 

V90-230  VGA  Emulaticoi  for  V90-200  &  V90-210 
V90-240  Microfield  Graphics  T8  Card  w/2Mb  RAM 

P90-810  Two  Serial  (DB-9M,DB-23!) /Parallel  Itort  Kit 
P90-820  Four  fisyno  RS-232/MIL-188C  (DB-9M)  Port  Kit 
P90-830  External  SCSI  Port  Kit 

C90-100  SCSI  Hard  DisVFl<¥)py  Ctrller  Kit  (16-bit  ISA) 

C90-110  SCSI  Hard  Disl^Flc^py  Ctrller  Kit  (32-bit  EISA) 

C90-120  IDCKIT  Card  (Floppy  boot  inhibit  Card  for  UNIX) 

K90-100  101  Key  Enhanced  AT  Keiboard  (U.S.A.) 

K90-110  102  Key  Enhanced  AT  Keyboard  (U.K.) 

R90-120  102  Key  Enhanced  AT  Keiboard  (German) 

R90-130  102  Key  Enhanced  AT  Keyboard  (French) 

K90-140  102  Key  Enhanced  AT  Keyboard  (Italian) 

K90-150  102  Key  Enhanced  AT  Keiboard  (Spanish) 

K90-160  102  Key  Enhanced  AT  Keyboard  (Swedi^) 

K90-170  102  Key  Enhanced  AT  Keyboard  (Swiss) 

K90-180  Mouse,  3-Button,  RS-232  Serial 

L90-110  Ethernet  Ccoitroller  Card  (16-Bit  ISA) 

L90-115  Ethernet  Controller  Card  (32-Bit  EISA) 

L90-160  Verdix  IAN  Network  Security  Device  Kit 
ISO-100  Extemcil  Transceiver  (Ihick  Coax) 
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Equipntent  Category 


Ccfftputer,  Personal 


Kaimfacturer 
City,  State 
Descadption 


Model  Mo. 


(Continued) 

IflO-120 

L90-130 

ISO-140 

L90-150 

F90-500 

F90-501 

F90-502 

F90-503 

F90-504 

F90-505 

F90-506 

F90-507 

F90-508 

F90-509 

F90-510 

F90-511 

F90-512 

F90-513 

F90-514 

F90-515 

F90-516 

F90-517 


D90-200 

D90-210 

D90-220 

D90-240 

D90-250 

D90-310 

D90-320 

D90-325 

D90-340 

D90-350 

D90-360 

D90-370 

D90-380 

D90-390 

D90-400 

D90-410 


8715T 

10  foot  lAM  Transceiver  Cable 
30  foot  IAN  Transceiver  Cable 
50  foot  IAN  Transceiver  Cable 
70  foot  IAN  Transceiver  Cable 


1.2M  Floppy 
1.2M  FIcctY 
1.2M  Flc^jpy 
1.4M  Floppy 
1.4M  Floppy 
1.4M  Flcipjy 
1.2M  Floppy 
1.2M  Flcpp)y 
1.2M  Floppy 
1.4M  Floppy 
1.4M  Flcppy 
1.4M  Flcppy 
1.2M  Flcppy 
1.2M  Floppy 
1.2M  Flcppy 
1.4M  Flcppy 
1.4M  Flcppy 
1.4M  Flcppy 

Bay  4 


Blank 

Blank 

1.4M  Floppjy 

Blank 

1.2M  Flcppy 

Blank 

Blank 

Blank 

1.4M  Flcppy 

Blank 

1.2M  Flcppy 

Blank 

Blank 

150MB  Tape  Bacdop 

1.4M  Flcppy 

15(MB  Tape  Bacdop 

1.2M  Flcppy 

150MB  Tape  Backup 

Blank 

150MB  Tape  Backup 

1.4M  Flcppjy 

150MB  Tape  Backup 

1.2M  Flcppjy 

150MB  Tape  Backcp 

Blank 

44.5  MB  Cart. 

1.4M  Flcppy 

44.5  MB  Cart. 

1.2M  Flcppjy 

44.5  MB  Cart. 

Blank 

44.5  MB  Cart. 

1.4M  Flcppy 

44.5  MB  Cart. 

1.2M  Flcppy 

44.5  MB  Cart. 

Bay  5 

330MB  Beraovable  HD 
330MB  Removable  HD 
330MB  Removable  HD 
330MB  Removable  HD 
330MB  Removable  HD 
170MB  Removable  HD 
17(»1B  Removable  HD 
170MB  Removable  HD 
170MB  Removable  HD 
60MB  Removable  HD 
60MB  Remcfvable  HD 
6(MB  Removable  HD 
44.5MB  Removable  HD 
44.5MB  Removable  HD 
760MB  Removable  HD 
1.2GB  Removable  HD 


Blank 

6(MB  Removable  HD 
170  MB  Removable  HD 
330  MB  Removable  HD 
44.5MB  Removable  HD 
Blank 

60MB  Removable  HD 
170MB  Removable  HD 
44.5MB  Removable  HD 
Blank 

60MB  Removable  HD 
44.5MB  Removable  HD 
Blank 

44.5MB  Removable  HD 
(Full  Hei^t) 

(Full  Hei^t) 


Eadi 


Delta  Data  Systems  Corp.  8980T 

Columbia,  MD 

Hie  898OT  is  an  lEM  PS/2  Model  80  computer, 
cxaotputer  is  equippjed  with  a  20  MEIz  80386 
micrcprocessor,  featuring  micro  channel  ar^tecture, 
ei^t  slot  system  board,  2MB  RAM,  ESDI  disk 
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Equipment  Category  Manufacturer  Model  Mb. 

City,  State 
Description 

(Continued)  8980T 

controller,  115MB  hard  disk,  1.44MB  3.5"  floppy  drive, 
parallel  port,  serial  port  and  a  101-key  keitxaard.  The 
898OT  may  also  be  configured  with  a  13"  EGA  color 
monitor,  a  second  1.44MB  flc^^  drive,  an  80387  math 
cxprocessor,  dual  asynchronous  adapter,  ethemet  local 
area  network  adapter,  and  two  6MB  Memory  Expansion 
Boards. 

Model  Nos. 

8980T  The  basic  configuration  consisting  of  a  20  MHz 

80386  micrcprocessor,  an  ei^t  slot  system  board, 
a  2MB  RAM,  an  ESDI  disk  controller,  a  115MB  hard 
disk,  a  1.44MB  3.5"  flc^py  drive,  a  p)arallel 
port,  a  serial  port,  and  a  101-key  keitoard. 

8980T-1  The  basic  configuration  plus  a  13"  EGA  color 
monitor  and  an  EGA  adapter  board. 

Available  Options  on  All  Models: 

89D-001  1.44MB  3.5"  Flcppy  Drive 

89U-001  20  MHz  80387  Math  Coprocessor 

891-001  iXial  Asynchronous  Adapter  Board 
89N-001  Ethernet  IAN  Board 

89R-001  2MB  Ej^jansion  Memory 

89R-002  4MB  EJ5)ansion  Memory 

89R-003  6MB  E}q}ansion  Memory 

89R-004  8MB  Expansion  Memory 

89R-005  10MB  Ejqiansion  Memory 

89R-006  12MB  Ej^ansion  Memory 

Conputer,  Personal  Delta  Data  Systems  Corp.  TSX-XXX 

Colxjmbia,  MD 

The  TSX-X^  is  a  general  purpose  personal  conputer. 

Each  machine  is  equipped  with,  as  a  minimum,  the 
following:  80386SX  CPU  at  16MHz,  1MB  RAM,  two 
RS232/MIL188  ports,  one  parallel  port,  one  keiixjard 
port,  ei^t  expansion  slots  (seven  16-bit  and  one  8-bit) . 
The  TSX-XXX  cperates  autcmatically  on  world  wide  power. 

The  TSX-XXX  may  also  be  configured  with  3.5"  1.44MB 
flc^py  drives,  5.25"  1.2MB  flcppy  drives,  32MB,  60MB, 

107MB,  204MB  removable  hard  drives,  44.5MB  cartridge 
drives,  an  80387SX  math  cjo-processor,  an  enhanced 
detachable  keit)oard,  disk  controller  board,  vp  to  two 
fiber  optic  waveguides,  a  video  controller  with  port, 
and  a  mouse.  Memory  may  be  ejpanded  to  8MB  on  the 
motherboard,  and  with  the  addition  of  an  espansion 
board  vp  to  16MB.  The  MDSC  VGA  color  monitor  DTP^002 
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Model  No 


Meonifacturer 
City,  State 
Description 


(Continued)  TSX-XXX 

(llOV)  and  DrP-022  (220V)  are  available  for  use  with 
this  machine. 

Model  No.  Basic  Unit  with  Included  Options 

ISX-OOl  Drv-002  VGA  Port  and  Controller 

DTD-OIS  Floppy/SCSI  Disk  Controller 
DrD-033  3.5"  1.44MB  Flcp^  Drive 
(Floppy  1) 

'ISX-002  Drv-002  VGA  Port  with  Controller 

DrD-013  Floppy/SCSI  Disk  Controller 
DrD-035  5.25"  1.2MB  Flqppy  Drive 
(Floppy  1) 


Addditional  Options  Available  on  All  Models: 


DrR-002 

DrR-003 

DIR-004 

DrR-005 

DTR-006 

DIN-011 

DIN-024 

DIN-031 

DIA-012 

DrA-013 

DrP-004 

DIU-OOl 

DTK-OOl 

DrK-002 

DrK-003 

DrK-004 

DrK-005 

DTK-OOe 

DTK-OO? 

DIK-008 


RAM  ejq)ansic»i.  Total  2MB 
RAM  exp)ansion,  Total  4MB 
RAM  expansion.  Total  SMB 
RAM  expansion,  Total  12MB 
RAM  expansion.  Total  16MB 
Ethernet  Controller 
Transceiver  Cable 
Transceiver 
Single  Waveguide 
Dual  Waveguides 
Mouse 

80387SX  Math  Co-processor 
Enhanced  Keyboard,  U.S. 
Enhanced  Keyboetrd,  U.K. 
Enhanced  Keyboard,  German 
Enhanced  Keyboard,  Fren<^ 
Enhanced  Ke^xard,  Iteilian 
Enhanced  Keyboard,  Spanish 
Enhanced  Kei^Doard,  Swedi^ 
Enhanced  Keyboard,  Swiss 


Additional  Options  Available  on  TSX-OOl: 


DrD-043 

DrD-062 

DrD-063 

DrD-064 

DrD-065 

DrD-068 

DrD-072 

Dn>-073 

DrD-074 

DrD-075 


3.5"  1.44MB  Flc^py  Drive  (Flcjpy  2) 
32MB  Removable  Drive  (SCSI  1) 

60MB  Removable  Drive  (SCSI  1) 

107MB  Removable  Drive  (SCSI  1) 
204MB  Removable  Drive  (SCSI  1) 
44.5MB  Cartridge  Drive  (SCSI  1) 
32MB  Removable  Drive  (SCSI  2) 

60MB  Removable  Drive  (SCSI  2) 

107MB  Removable  Drive  (SCSI  2) 
204MB  Removable  Drive  (SCSI  2) 
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Conputer,  Personal 


Manufaicturer 
City,  State 
Description 


(Continued) 

DrD-078 

DrP-002 

DrP-022 


TSX-XXX 

44.aiB  Cartridge  Drive  (SCSI  2) 
VGA  Monitor  (llOV) 

VGA  Monitor  (220V) 


Please  note:  Certain  drive  combinations  unavailable. 


Addditional  Cptions  Available  c»i  TSX-002: 


EfrD-053 

nrD-055 

DrD-082 

DrD-083 

DrD-084 

DrD-085 

DrD-088 

DrP-002 

DrP-022 


3.5”  1.44MB  Flofpy  Drive  (Flofpy  2) 
5.25”  1.2MB  Floipy  Drive  (Floppy  2) 
32MB  Removable  Drive  (SCSI  1) 

6(»!B  Removable  Drive  (SCSI  1) 

107MB  Removable  Drive  (SCSI  1) 

204MB  Removable  Drive  (SCSI  1) 
44.5MB  Cartridge  Drive  (SCSI  1) 

VGA  Monitor  (llOV) 

VGA  Monitor  (220V) 


Please  note:  Certain  drive  ccaxibinations  unavailable. 


Hetra  Ccmputer  &  Camnunications  105TL-286/12-1XX 
Sebastian,  FL 

Ihe  Model  105TL-286/12-1XX  is  a  large  footprint  PC/AT 
cxar^tible  Personal  Ccnputer.  The  basic  unit  is 
equipped  with  a  12  MHz  80286  CEU,  1MB  RAM  (expandable 
to  8MB  in  1MB  increments) ,  two  RS-232  serial  ports,  one 
parallel  port,  flcppy/hard  disk  controller,  video 
controller,  101— IT  keyboard  and  two  each  disk  drive 
bays  that  can  each  accommodate  two  half-hei^t  drives. 
An  80287  math  cc^rocessor  is  available. 


Configured  Options: 


Model  Number  Description 

105TI/-286/12-100  Basic  Unit  with  Included  Options 


4814T  VGVESA  Display 
5040300  EGA  Controller 
H7356302  1.2MB  Flc^py  Disk  Drive 

H7356102  40MB  Removable  Hard  Disk 
Drive 

CB220302  80287  Ifeth  Coprocessor 


Additional  Options: 


H7357402 

H7356301 

H7357401 

50702000 


1.44MB  3.5”  Floppy  Disk  Drive 
360kB  5.25”  Floppy  Disk  Drive 
720kB  3.5”  Floppy  Disk  Drive 
100MB  Removable  Hard  Disk  Drive 
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(Continued)  105TI>286/12-IXX 

51193000  VGA  CCTltroller 

51188000  Monochrcme  Ocaxtroller 

50405-002  1MB  Additicml  Memory  (each) 

50804000  Mouse 

50900000  44MB  Cartridge  Drive 

H7357700  8(MB  Tc^je  BacJo?) 

Conputer,  Personal  Hetra  Conpiter  &  Ccraiminications  105TIi-386/SX-IXX 

Sebastian,  FL 

Hie  Model  105TIj-386/SX-1XX  is  a  large  footprint  PC/AT 
compatible  Personal  Conputer.  Hie  basic  unit  is 
equipped  with  a  80386/SX  CPU,  1MB  RAM  (ejpandable  to 
8MB  in  1MB  increments) ,  two  RS-232  serial  ports,  one 
parallel  port,  floppy/hard  disk  controller,  video 
controller,  lOl-lT  keyboard,  two  each  disk  drive  bays 
that  can  each  accommodate  two  half-hei^t  drives.  An 
80287  math  ccprocessor  is  available. 

Configured  Options: 

Model  Number  Description 

105TL-386/SX-100  Basic  Unit  with  Included  Options 

4814T  VGVBGA  Display 
50403000  EGA  Controller 
H7356302  1.2MB  Floppy  Disk  Drive 

H7356102  40MB  Removable  Hard  Disk 
Drive 

CB220302  80287  Math  Coprocessor 

Additional  Options: 

H7357402  1.44MB  3.5"  Floppy  Disk  Drive 

H7356301  360kB  5.25”  Floppy  Disk  Drive 

H7357401  720kB  3.5"  Floppy  Disk  Drive 

50702000  100MB  Removable  Hard  Disk  Drive 

51193000  VGA  Controller 

51188000  Monochrome  Controller 

50405-002  3MB  Additional  Memory  (each) 

50804000  Mouse 

H7357700  80MB  Tape  Backup 

50900000  44MB  Cartridge  Di^  Drive 

51638-000  8-port  Intelligent  Serial  Communications 

Interface 

Ccmputer,  Personal  Hetra  Computer  &  Communications  105TS-286/12-1XX 

Sebastian,  FL 

Hie  Model  105TS-286/12-1XX  is  a  small  footprint  PC/AT 
compatible  Personal  Computer.  Hie  b^ic  unit  is 
equipped  with  a  12  MHz  80286-CHJ,  1MB  RAM  (expandable 
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MEUiufeu±urer 
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Descxipticm 


(Continued)  105TS-286/12-1XX 

to  SMB  in  1MB  increments) ,  two  RS-232  serial  ports,  one 
parallel  port,  flqK>y/hard  disk  controller,  101-lT 
keyboard,  and  one  disk  drive  bay  that  can  accoraraodate 
two  half-hei^t  drives.  An  80287  math  coprocessor  is 
available. 


CcKifigured  Options; 


Model  Number 
105TS-286/12-100 


Descripjtion 

Basic  Unit  with  included  cptions 
4814T  VGA/EGA  Display 
50403000  EGA  Controller 
H7356302  1.2MB  Flcppy  Disk  Drive 

H7356102  40MB  Removable  Hard  Disk 
Drive 

CB220302  80287  Math  Coprocessor 


Conputer,  Personal 


Additioral  Options: 


H7357402 

H7356301 

H7357401 

H7356101 

50702000 

51193000 

51188000 

50405-002 

50804000 


1.44MB  3.5”  Floppy  Disk  Drive 
360kB  5.25”  Flqfpy  Disk  Drive 
720kB  3.5”  Flcppy  Disk  Drive 
20MB  Remcfvable  Hard  Disk  Drive 
100MB  Removable  Hard  Disk  Drive 
VGA  Controller 
Monochrome  Controller 
IMB  Additional  Memory  (each) 
Mouse 


Hetra  Computer  &  Communications  105TS-386/SX-1XX 
Sebastian,  FL 

Ihe  Model  105TS-386/SX-1XX  is  a  Small  Footprint  PC/AT 
compatible  Personal  Computer.  Uie  basic  unit  is 
equipped  with  a  16Mhz  80386/SX  CHJ,  1MB  RAM  (ejpandable 
to  SMB  in  1MB  increments) ,  two  RS-232  serial  ports,  one 
parallel  port,  floppy/hard  disk  controller,  video 
controller,  101-lT  hstyhoard  and  a  disk  drive  bay  that 
can  accommodate  two  hcilf-hei^t  drives.  An  80387/SX 
math  co-processor  is  available. 

Configured  Options: 


Model  Number;  Description 

105TS-386/SX-100 
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Basic  Iftiit  with  Included  Cptions 

4814T  VGA  Di^lay 
4000H(lVGft/VGA  Controller 


Equipment  Category 


Model  Mo 


Corputer, 


Ccarpiter, 


Manufaicturer 
City,  State 
DesesrLption 

(Continued)  105TS-386/SX-1XX 

2512  1.2MB  Floppy  Disk  Drive 
2251  40MB  Removable  Hard  Disk  Drive 
1387-20  leMhz  Math  Co-Processor 


Additional  Options: 


2314 

2503 

2100 

4000-MCM) 

SIMM-80 

1003T 

2944^ 

8803 

8909 

2150 

2350 

4820T 

4000-MRGB 

9301T-1 


1.44MB  3.5”  Floppy  Disk  Drive 
360Kb  5.25”  Floppy  Disk  Drive 
BOMB  Renovable  Hard  Drive 
Monochrome  Ccaitroller 
1MB  Additional  Memory  (Each) 
Mouse 

44MB  Cartridge  Drive 
3-OCM  Ethernet  Adapter  Board 
SCSI  Controller 

179MB  Removable  SCSI  Hard  Drive 
332MB  Removable  SCSI  Hard  Drive 
Hi-Res  20”  Color  Monitor 
Hi-Res  Video  Controller 
Scanner  Controller  Card 


Personal  Intemationcil  Technology  Corp.  ITC  PC  386/33-TE 

McLean,  VA 

The  TCS-300,  based  on  the  Sharp  Jfcxiel  JX-300  Scanner, 
is  a  versatile  flatbed  color  scanner  ideally  suited 
for  scanning  different  sized  documents  or  for  scanning 
information  from  bound  material.  The  scanner  may  be 
set  to  operate  in  either  color  or  monochrome  modes  xp 
to  300  X  300  dots  per  inch  resolution.  The  TCS-300  is 
ocsrpatible  with  IEEE-488  (GPIB)  interface. 

Personal  Mitek  Systems,  Inc.  610TE 

San  Diego,  CA 

The  610TE  is  a  general  purpose  coitputer  workstation 
based  on  the  ^ple  Ccaxputer  Macintosh  Ilsi  OEM. 

Each  workstation  is  equipped  with: 

.  Motorola  MC68030  32  bit  OU  (20MHz) 

.  Embedded  Page  Memory  Management  IMit  (IMMU) 

.  Optional  Motorola  MC6882  Floating-point  Ccprocessor 
.  a©  Main  Memory  (1MB  on  Motherboard,  4MB  in  Memory 
Bank) 

.  One  Option  NuBus  Expansion  Slot 
.  One  ^ple  Desktcp  Bus  (ADB)  Ports 
.  TEMPEST  ^ple  ADB  Mouse 
.  tempest  ^pple  ADB  Extended  Rei^soard 
.  Two  RS-232/RS-422  (LocalTalk)  Ports  (Printer/Modem 
Ports) 

.  SCSI  Port 

.  1.44MB  3.5”  internal  fl<ppy  disk  drive 
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(Continued)  610TE 

.  aiilt-in  8  Bit  Video,  up  to  640  x  480  resolution 
.  Sound  Irput  Port 

.  Apple  Sound  C^p  generates  8  bit  stereo  saitpling  at 
44.1  kHz  and  includes  fcur-voioe  wave-table  ^nithesis, 
internal  speaker 

.  Monaural  8  bit  sound  with  digital— analog  conversion 
using  11  or  22  Miz  saiiple  rate 
.  100-270  VAC,  47-63  Hz,  self  configuring  AC  power 

unit 

.  Fewer  cord  included 

.  System  software,  HyperCard  and  manual  included 
Base  System: 

610TE  TEMPEST  Macinto^  Ilsi,  Extended  Ke^ixard  & 

Mouse 

Configured  Options: 

Model  Description 

610TE-40/5  Basic  Unit  with  40  MB  removable  hard 
drive  and  5MB  RAM 

610TE-44/5  Basic  Ikiit  with  44MB  Sycjiest  Cartdridge 

Drive  and  5MB  RAM 

610TE-80/5*  Basic  Unit  with  80  MB  removable  hard 
drive  and  5MB  RAM 

Note:  This  CFU  configuration  si?ports  the  ajple  A/UX 
Operating  System 

Additional  Factory  Installed  options  available  for  the 
610TE 

600M102  16MB  RAM  Ipgrade  (Brings  System  Total  to 
17MB) 

610M354*  RasterCps  8L  8  Bit  Video  Board 
610M356*  RasterO^  24L  24  Bit  Video  Board 
610M373*  Apple  Macintosh  8*24GC  video  Di^lay 
CarxV'Graphics  Accel 

600M376  2MB  ERAM  for  Afple  8*24GC  Video  Card 

600M377  8MB  ERAM  for  ipple  8*24GC  Video  Card 

610M420*  EtherTalk  Interface 

610M501  Apple  NuBus  Slot  Adapter  Card  (incl. 

Coprocessor  MC68882) 

*  Requires  NuBus  Adapter  Slot  Card  option  (610M501) 

Additional  User  Installable  options  available  for  the 
610TE: 
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(Continued) 

60CM201 

600M202 

600U204 

600M301 

600M302 

60CM400 

600M401 

600M402 

600U501 

600M502 

600U504 

600M600 

600M603 


610TE 

Spare  40MB  Rerocjvable  Hard  Disk 
Spare  8CMB  Removable  Hard  Di^ 

Blank  Syquest  44MB  Removable  Cartdridge 

i^le  12"Hi^  Resolution  Ifonochrcme  Monitor 

;^le  13"Hi^  Resolxition  Color  Monitor 

localTalk  Network  Interface 

10  Meter  localtalk  Cable 

25  Meter  LocalTalk  Cable 

Spare  Extended  Keyboard 

Micrqphone 

Spare  Mouse 

Ifiiiversal  Mcsiitor  Stand 
Hard  Disk  Drive  Locking  Device 


Mitek  Systems,  Inc.  650TE 

San  Diego,  CA 

J^le  Macintosh  IIx  Personal  Ccsrrputer  with  a  68030  CEU 
and  68882  ccprocessor.  Each  650TE  is  equipped  with  an 
extended  keihoard  and  mouse,  six  NuBus  e>qansion  slots 
and  five  I/O  ports  (2  Deskt^  Bus  ports,  2 
RS-232/RS-422  serial  ports  and  1  SCSI  port) .  SIMMS  RAM 
supports  vp  to  32MB  of  main  memory.  Internal  mass 
storage  consists  of  one  1.44MB  diskette  drive  capable  of 
reading  DOS,  OS/2,  and  ^ple  formats  aixi  ip  to  three 
additional  disk  drives.  All  mass  storage  devices 
feature  the  security  and  flexibility  of  removable 
media/drives.  Each  650TE  includes  the  Macintodi 
Operating  System,  a  Medeco  Enhanced  Security  Fewer  Lock 
(front  panel) ,  and  User  Documentation.  Ihe  650TE  may 
also  be  configured  with  additional  monitors, 
ocroinunicati(aVnetworkirig  interfaces,  and  other  cptions. 
Options  allow  the  650TE  to  be  eperated  in  a  desktep, 

19"  rack  mount,  or  "TCWER"  configuration. 


Configured  Options: 


Model  Number  Description 


650TE/1 

Base  Unit  Plus; 

650TE/4 

Base  Unit  Plus; 

650TE-40/1 

Base  Unit  Plus; 

650TE-40/4 

Base  Unit  Plus 

650TE-80/1 

Base  unit  Plus 

650TE-80/4* 

Base  Unit  Plus 

IMB  Main  Memory 

4MB  Main  Memory 

1MB  Main  Memory 

40MB  Removable  Hard  Drive 

4MB  Main  Memory 

40MB  Removable  Hard  Drive 

IMB  Main  Memory 

80MB  Removable  Hard  Drive 

4MB  Main  Memory 

BOMB  Removable  Hard  Drive 
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Manufacturer 
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Description 


(Continued)  650TE 

*  Note:  This  CHJ  configuration  supports  the  ;^le  A/UX 
Operating  System  available  from  ^ple. 

Additional  Options  Available  cai  edl  Models: 


Option  Number  Option  Descaription 


65(m00 

650M101 

650M200 

650M201 

650M202 

650M203 

650M300 

650M301 

Video  Card 
650M302 
Card 
650M303 
650M350 
650M400 
650M501 
650M502 
650M600 
650M601 
650M602 
650M603 


1MB  Memory  Expansion 

4MB  Memory  Expansion 

3.5”  1.44MB  Diskette  Drive 

40MB  Removable  Hard  Drive 

8CMB  Removable  Hard  Drive 

44MB  Removable  Cartridge  Hard  Drive 

12”  Monochroroe  Monitor 

12”  Monochrcme  Monitor  with  ^^le  8  bit 

13”  Color  Monitor  with  i^le  8  bit  Video 

13”  Color  Monitor 
i^le  8  bit  Video  Card 

localTalk  Interface  Box  with  2  Meter  Cable 

Extended  Rei^joard 

Mouse 

Universal  Monitor  Stand 
Tcwer  Configuration  Pedestal  Kit 
19”  Rack  Mounting  Kit 
Hard  Disk  Drive  locdcing  Device 


Mitek  Systems,  Inc.  660TE 

San  Diego,  CA 

The  660TE  is  a  general  purpose  ccnputer  workstation 
based  on  the  i^le  Computer  Macintosh  life  OM. 

Each  workstation  is  equiped  with: 

.  Motorola  MC68030  32  bit  dU  (40MHz) 

.  Embedded  Page  Memory  Management  IMit  (IMMU) 

.  Motorola  MC68882  Floating-point  Ccprocesspr 
.  32kB  SRAM  Cache  Memory  (Zero-Wait-State) 

.  4MB  Main  Memory  (in  Memory  Bank  A) 

.  Six  NuBus  Expansion  Slots 
.  One  Processor  Direct  Slot 
.  Two  J^le  Desktop  Bus  (ADB)  Ports 
.  IIMPEST  i^le  ADB  Mouse 
.  TEMPEST  T^le  ADB  Extended  Keilxjard 
.  Two  RS-232/RS-422  (localTalk)  Ports  (Printer/Modem 
Ports) 

.  SCSI  Port 

.  1.44MB  3.5”  internal  floppy  disk  drive  (FOID) 

.  Medeco  Enhanced  Security  Pcwer/Kieyboard  Lock 
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(Continued)  660TE 

.  i^le  Sound  Qiip  generates  8  bit  stereo  sanpling  at 
44.1  kHz  and  incliJdes  four-voice  wave  table 
synthesis,  internal  speaker 
.  100-270  VAC,  47-63  Hz,  self  configuring  AC  power 

ii^jut 

.  Power  cord  included 

.  Si^tem  software,  HyperCard  and  manual  included 


BASE  SYSTEM; 


660TE;  TEMPEST  Macintosh  life.  Extended  Keyboard  & 
Mouse 

Configured  Options: 

Model#  Product  Description 


660TE-40/4 

660TE-40/8 

660TE-80/4* 

660TE-80/8* 


Base  Unit 
&  4MB  PAM 
Base  Unit 
&  8nb  PAM 
Base  IMit 
&  4MB  PAM 
Base  Unit 
&  8MB  PAM 


with  40MB 
with  40MB 
with  8CMB 
with  80MB 


Pemovable 

Peraovable 

Pemovable 

Pemovable 


*  Note;  This  CEU  Oonfiguraticxi  si^ports  the 
Operating  system 


Hard  Drive 
Hard  Drive 
Hard  drive 
Hard  Drive 
i^ple  A/UX 


Additional  Factory  Installed  options  available  for  the 
660TE 


option  # 

opric»i  DESCRipric»j 

660M101 

4MB  SIMM  Memory  EJ5)ansion 

660M102 

16MB  SIMM  Memory  Ejqjansion 

660M200 

3.5-indh  1.4  MB  Diskette  Drive  (2nd 
Drive) 

600M203 

SyQuest  44MB  Pemovable  Cartridge  Hard 
Drive 

660M354 

PasterOps  8L  Hihg  Resolution  8-bit 
graphics  board 

660U355 

PasterOps  8L  VRAM  Expansion  Kit 

660M356 

PasterOps  24L  Hi^  Resolution  24-Bit 
graphics  board 

660M357 

PasterOps  800GC  GrajMcs  Accelerator 
Board 

660M358 

4MB  CRAM  Expansion  Kit  for  PasterOps 
800GC 

600M359 

16MB  I»AM  E}q)ansion  Kit  for  PasterOps 
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(Continued) 

600M370 

600U371 

600M373 

600M420 


660TE 

800GC 

i^le  Macinto^  4*8  8-bit  Display  Card 
Apple  Macintosh  4*8  Display  Card  VE?AM 
Ejqansion  KIT 

^ple  Macintosh  8*24  24-bit  Display  Card 
Ethernet  NB  card 


Additional  User  Installable  options  available  for  the 
660TE 


Cotputer,  Personal 


600M201 

600M202 

600U204 

600M300 

600M303 

600M400 

600M401 

600M402 

600U501 

600U504 

600M600 

600M601 

600M602 

600M603 


Spare  40MB  Removable  Hard  Drive 
Spare  80MB  Removable  Hard  Drive 
Blank  Syquest  44MB  Removable  Cartdridge 
Afple  12"  Hi^  Resolution  Monochrome 
Monitor 

Ajple  13"  Hi^  Resolution  Color  Monitor 
LocalTalk  Network  Interface  Kit  With  2 
meter  cable 

10  Meter  LocalTalk  Network 
25  Meter  Localtalk  Network  Cable 
Spare  Extended  Keyboard 
Spare  Mouse 

Universal  Monitor  Stand 
Tower  configuration  pedestal  kit 
19"  Rack  Mounting  Kit 
Hard  Disk  Drive  Locking  Device 


Mitek  Systems,  Inc.  T5270ECI 

San  Diego,  CA 

i^le  Macintosh  Ilci  Personal  Ccnputer  includes  a  25MHz 
68030  CPU  and  68882  coprocessor.  Each  T5270Eci 
inclixles  an  extended  ke^hoard  and  mouse,  three  NuBus 
ejqiansion  slots  and  five  I/O  ports  (2  DeskTop  Bus 
ports,  1  RS-232  serial  port,  1  RS-422  serial  port  and  1 
SCSI  port) .  Memory  configuration  of  the  base  CPU  is 
4MB  (RAM)  expandable  to  8MB  (32MB  with  System  7.0) . 
Internal  mass  storage  consists  of  one  1.44MB  floppy 
diskette  drive  capable  of  reading  DOS,  OS/2,  and  i^ple 
formats  and  one  additional  disk  drive.  All  itass 
storage  devices  feature  the  security  and  flexibility  of 
removable  media/drives.  Each  T5270Eci  includes  the 
Macintosh  Operating  System  and  user  documentation.  The 
T5270Eci  can  be  configured  with  various  monitors, 
ccrartamicatior/networking  interfaces,  and  other  options 
listed  belcw. 


Configured  Options; 

Model  Number  Description 
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Eqvdpment  Category 


Model  No. 


Manufacturer 
City,  State 
Description 

(Continued)  T5270ECI 

T5270Eci  Base  IMit  Plus:  4MB  Main  Meatnory 

T5270Eci-40  Base  ISiit  Plus:  4MB  Main  Mesraory 

40MB  Removable 
Hard  Drive 

T5270Eci-80  Base  iMt  Plus:  4MB  Main  Memory 

80MB  Removable 
H5u?d  Drive 

Additional  Options  Available  on  all  Models: 

650M100  1MB  Memory  Expansion  Kit  (Makes 

total  5MB) 

650M101  4MB  Memory  Eiqansion  Kit  (Makes 

total  8MB) 

650M102  16MB  Memory  Es^ansion  Kit  (Makes 

total  20MB) 

27X01  Spare  40MB  Drive  and  Tray  Assembly 

27X02  Spare  8(»1B  Drive  and  Tray  Assembly 

27023ci  12”  Monodirome  Monitor  (640x480) 

with  internal  video  interface 
27024ci  13”  RGB  Monitor  (640x480)  with 

internal  video  interface 

650M400  localTeilk  Connector  Box  (w/2  meter 

network  cable) 

650M401  10  meter  LocalTalk  Network  Cable 

650M402  25  meter  LocalTalk  Network  Cable 

Corrputer,  Personal  Mitek  Systems,  Inc.  T5270ECX 

San  Diego,  CA 

;pple  Macintodh  Ilex  Personal  Computer  includes  a  16MHz 
68030  CPU  and  68882  ccprocessor.  Each  T5270Ecx 
includes  an  extended  keihoard  and  mouse,  three  NuBus 
expansion  slots  and  five  I/O  ports  (2  DeskTop  Bus 
ports,  1  RS-232  serial  port,  1  RS-422  serial  port  ^  1 
SCSI  port) .  Memory  configuration  of  the  base  CPU  is 
4MB  (RAM)  expandable  to  8MB  (32MB  with  System  7.0) . 
Internal  mass  storage  consists  of  one  1.44MB  floppy 
diskette  drive  capable  of  reading  DOS,  OS/2,  and  ipple 
formats  and  one  additional  di^  drive.  All  m^s 
storage  devices  feature  the  securil^  and  flexibili'^  of 
removable  itedia/drives.  Each  'I5270Ecx  inclxjdes  the 
Macinto^  Oparating  System  and  user  documentation.  Ihe 
T5270ECX  can  be  configured  with  various  monitors, 
ccraraunicatioiVnetworking  interfaces,  and  other  options 
listed  below.. 

Configured  Options: 
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Equipnent  Category 


Ccsnputer,  Personal 


Model  No. 


T5270ECX 

Description 


4MB  Main  Memory 
4MB  Main  Memory 


Manufacturer 
City,  State 
Descudption 

(Continued) 

Model  Number 

T5270ECX 

T5270Ek3f-40 


T5270ECX-80 


Base  Wiit  Plus 
Base  Unit  Plus 

Base  Unit  Plus 


40MB  Removable 
Hard  Drive 
4MB  Main  ^femory 
80MB  Removable 
Hard  Drive 


Additional  Options  Available  on  all  Models: 


650M100 

650M101 

650M102 

27X01 

27X02 

27023 

27024 

650M400 

650M401 

650M402 


1MB  Memory  Expansion  Kit  (Makes 
total  EMB) 

4MB  Memory  Ej^^ansion  Kit  (Makes 
total  8MB) 

16MB  Memory  Ej^^ansion  Kit  (Makes 
total  20MB) 

i^jare  40MB  Drive  and  Tray  Assembly 
Spare  BOMB  Drive  and  Tray  Assembly 
12"  Monodhrome  Monitor  (640x480) 
w/8-bit  video  card 
13"  RGB  Monitor  (640x480)  w/8-bit 
video  card 

LocalTalk  Connector  Box  (w/2  meter 
network  cable) 

10  meter  LocalTalk  Network  Cable 
25  meter  LocalTalk  Network  Cable 


Mitek  Systems,  Inc.  T5300-E 

San  Diego,  CA 
Basic  Configuration: 

Ihe  T5300E  is  a  TEMPEST  version  of  the  IBM  PS/2  Model 
70  desktop  conpiter.  It  features  the  80386  CPU,  IMB 
system  RAM,  1.44MB  3.5"  Floppy  Drive,  a  60MB  Removable 
Hard  Drive,  101-key  Keyboard,  VGA  Port,  a  Serial  and 
Parallel  Port. 


It  may  be  configured  with  xjp  to  13MB  of  RAM,  80387 
Ccprocessor,  Multi-protocol  Ccramunications  Adapter, 
Ethernet,  or  a  3270  Connection. 

Additional  Options  Available: 

30001  6(»!B  Removable  Hard  Drive 

30002  12"  color  VGA  Display 

30003  Mouse 

30004  Multi-protocol  Ccaiiraunications  Adapter 
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Equipment  Category 


Disk  Drive 


Display 


Manufacturer  Model  No. 

City,  State 
Description 


(Continued) 

30005 

30006 

30007 

30008 

30009 

30010 


T5300-E 

30cm  Etherlirik  MC 

80387/16MHZ  Ooprocjessor 

3270  Connection  Adapter  Card 

2MB  RAM  Ejqansion  (3MB  Total  System) 

4MB  RAM  Ej^ansion  (a©  Total  System) 

12MB  RAM  Expansion  (13MB  Total  System) 


Candes  Systems  Incorporated  601T-5(X 

Harlei^ille,  PA 

Ihe  Model  601T-XX  is  a  general  purpose  dual  disk  drive 
cabinet  with  a  pcwer  supply  and  2  SCSI  connectors.  Ihe 
601T-XX  can  be  configured  with  one  or  two  drives.  Ihe 
601T-XX  accepts  removable  cartridge  and  standard  hard 
drives. 


Configured  Options: 

601T-01  HD-01  Internal  44MB  Removable 

Cartridge  Disk  Drive 
(SYQUEST  SQ555) 

CA-01  36"  TEMPEST  Peripheral  SCSI 
Cable  (25-pin  D  Connector) 

TE-01  TEMPEST  SCSI  Terminator 

601T-02  HD-01  Internal  44MB  Removable 

Cartridge  Di^  Drive 
(SYQUEST  SQ555) 

HD-01  Second  Internal  44MB  Removable 
Cartridge  Disk  Drive 
(SYQUEST  SQ555) 

CA-01  36"  TEMPEST  Perijheral  SCSI 
Cable  (25-pin  D  Connector) 

TE-01  TEMPEST  SCSI  Terminator 

Candes  Systems  Incorporated  2319T-XX 

Harleysville,  PA 

Ihe  2319T-XX  is  a  TEMPEST  version  of  the  Radius  TH)/19 
Two  Page  Hi^  resolution  19  inch  Monochroine  Display. 

Ihe  2319T-XX  is  designed  to  generate 
photographic-qualil^  images  in  256  shades  of  gray  on  a 
Macintosh  II  System.  Ihe  Di^lay  is  ccsipatible  with 
the  Macintosh  SE,  SE/30  and  coirpatibles.  Ihe  Dii^lay 
si;pports  Windows  3.0,  VGA,  EGA,  OGA,  MDA,  and  Hercules 
Modes. 
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Equipment  Category 


Model  Mo. 


Display 


Display, 


Di^lay, 


Manufacturer 
City,  State 
Description 

(Continued)  2319T-XX 

Configured  Opticais: 


Basic  Unit  w/ 

Model  Included  Colons 

2319T-01  I/O-l  One  ENC  connector  for 

PS-343A  interface 

Hetra  Coirputer  &  Oc»Bnunicatic«is  4820T 

Sebastian,  FL 

Hie  Model  4820T  is  a  20”  Hi^  Resolution  Color  Monitor 
viiich  automatically  admits  to  any  scan  line  frequencies 
and  is  compatible  with  ary  hi^  resolution  video 
application  up  to  1280  x  1024  pixels.  Hie 
Model  4820T  inputs  are  triax  ccainectors  designed  for  a 
RGB  analog  iiput  signal  with  a  s^arate  TTL  sync,  a 
composite  TTL  sync  or  an  analog  (0.3Vp-p)  sync  on  green 
signal. 

Color  Candes  Systems  Incorporated  2219T-XX 

Harleysville,  PA 

Hie  2219T-XX  is  a  19-inoh  P22  Riosphor,  PIL,Ultra  High 
Resolution  Ctolor  Monitor,  with  a  1600H  x  1200V  format 
(non-interlaced)  resolutiOTi  and  a  scan  rate  of  46  to 
80WIZ  (Auto-Trak)  horizontal,  47  to  80Hz  (Auto  Trak) 
vertical.  Hie  aspect  ratio  is  4:3  and  a  bri^tness  of 
30fl.  calibrated  and  internal  or  external  synce 
selection  at  rear  panel  (intemal-ccmposite  horizontal 
and  vertical  sync  ccmibin^  on  green  video  channel) . 
Switch-selectable  iiputs  for  impedance  matching  (hi^  Z  or 
75  ohms) . 

Configured  Opticais: 

Model  No.  Basic  Ikiit  w/Included  Options 

2219T-01  10-01  3  BNC  Connectors  for  RGB 

Irput;  Sync  on  Green 

DP-01  CRT  Pitch  =  0.31mm 

Color  Delta  Data  Systems  Oorp.  EM1490TE 

Columbia,  MD 

Hie  EM1490TE  is  an  analog  14  inch  multi-scan  color 
monitor  with  resolution  of  vp  to  1024  by  768.  Hie 
monitor  features  automatic  adjustment  to  scan 
frequencies  of  30  to  35kEiz  and  autosensing  of  110  or 
220  volt  power.  Hie  EM1490TE  is  based  on  a  CTX  model 
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Equipment  Category 


Model  Mo 


Display,  Color 


Facsiniile 


Manufacturer 
City,  State 
Description 

(Continued)  IKL490TE 

CVP-5468  cxjlor  monitor. 

Model  Nuniber:  Basic  Unit  with  included  options: 

CM1490TE  Monitor 

Additional  cations  available  on  all  models: 

PSA-001  9  pin  bo  9  pin  cable 
RSA-002  15  pin  to  9  pin  cable 
PSA-003  25  pin  to  9  pin  cable 

Hetra  Ccaiputer  &  CoraraunicaticMTS  4814T 

Sebcistian,  FL 

The  4814T  is  a  14"  Multiscan  Color  Display. 

Ilex  Systems,  Inc.  750T 

Milpitas,  CA 

The  ILEX  750T  TEMPEST  facsimile  is  a  fUlly-featured, 
desk-tcp  facsimile  transceiver  with  30  sheet  automatic 
document  feeder  providing  either  synchronous  or 
asyrichronous  digital  ccxnraunications  throu^  SIU-III, 

STU-II,  KG-84A/C  or  other  GFE  encryption  equiipment. 

Interface  types:  PS-232C  Asynchronous 

(3001:ps  -  19.2Ktps) 

Synchronous 
(2.4W:^  -  9.6kbps) 

Scanning  Method:  Flat  Bed  by  Solid  Image  Sensor 

(CCD  Array) 

Pecording  Method:  Hi^  Speed  Hiermal  Printer 

(196  X  204  Ipi  maximum)  with 
automatic  paper  cutter  and 
maximum  8.5”  x  328-foot  paper  roll 
Standard  Protocols  St^ported:  MILr-STD-188-161B  Type  1 

Compressed  and  STANAG 
5000  Type  1  Ccmpressed 
rp  to  9.6]<bps 

CCm  Nonstandard  Protocols  Supported:  P3312/TA  and  R2112T 

(both  synchronous 
and  asynchronous) 
and  V3500T 

Formats:  Black  and  vhite  and  16  shade  halftone 
grayscale 

Original  Document  Size:  Maximum  11”  x  39.4” 

Minimum  5.8”  x  2.9” 

Auto  Peduction  to  8.5”  width 

Additional  features: 
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Equipment  Category 


Facsimile 


Manufacturer  Model  No. 

city.  State 
Description 

(Continued)  750T 

Standard  and  fine  resolutions  with  3-level  contrast  control 
TransmissioiVreoeption,  activity  and  configuration  reports 
Cc^  mode 

Transmissicxi  verification  staitp 

Auto-dial,  polling  and  turn-around  polling  capabilities 
Statistical  imiltiplexer,  X.25  PAD  and  digital  PBX 
coanopatible 

One-way  ASCII  terminal  mode 

Document  storage,  retrieval  and  distribution  throu^  PC- 
based  software 

Dimensions:  16.5"W  x  16.0''D  x  7.8''H 
Wei^t:  38  lbs. 

Power:  115/230  VAC,  50/60  Hz  Switchable,  selectable, 
internally 

Ilex  Systems,  Inc.  760T-X 

Milpitas,  CA 

Model  760T  -  the  basic  configuration. 

The  Ilex  760T  TEMPEST  facsimile  is  a  fully-featured, 
desk-tc^  facsimile  transceiver  with  30  ^eet  automatic 
document  feeder  providing  either  synchronous  or 
asynchronous  digital  ccramunications  throu^  SIU-III, 

SIU-II,  R3-84VC,  Ky-57/58  or  other  GFE  encryption 
equipment. 

Interface  types:  RS-232C  Digital 

cisynchronous  (OOOkps  -  19.2W:ps) 
synchronous  (2.4bps  -  9.6WDps) 

Scanning  Method:  Flat  Bed  by  solid  Image  Sensor  (CCD 
Array) 

Recording  Method:  Hi^  Speed  Ihermal  Printer  (196  x  204 
Ipi  maximum)  with  autcraatic  paper 
cutter  and  maximum  8.5”  x  328-foot 
paper  roll 

Standard  Protocols  Sv^^rted:  MIIi-SID-188-161B  Type  1 
Coaoopressed  and  STftNAS  5000  Type  1 
compressed  i;p  to  9.6W:ps 

CCTTT  Nonstandard  (Modified  G3)  Protocols  Supported: 

R33121/TA,  R2112T  (both  sychronous 
and  asychronous)  and  V3500T 

Formats:  Black  and  vhite  and  16  shade  halftone 
grayscale 

Qrigincil  Document  Size:  Maximum  11”  x  39.4” 
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Model  No 


Meuxufacturer 
City,  State 
Descxiption 

(Continued) 


760T-X 

MinuMUti  5.8"  x  2.9" 

Auto  Reduction  to  8.5  width 


Facsimile 


Additicml  Features; 

Autcraatic  protocol  detecticai  in  receive  mode 

One  touch  protocol  prograinming  in  transmit  mode 

Standard  and  fine  resolutions  with  3— level  contrast 
control 

TransmissioiVreception,  activity  and  configuration 
reports 

Copy  mode 

Transmissirai  verificaticai  staiip 

Auto-dial,  polling  and  tum-around  polling  capabilities 

Statistical  multiplexer,  X.25  PAD  and  digital  PBX 
ccnpatible 

One-way  ASCII  terminal  mode 

Document  storage,  retrieval  and  distribution  throu^ 
PC-based  software 

Dimensions:  16.5'*W  x  16.0"D  x  7.8"H 

Wei^t:  361bs. 

Power:  115/230  Vac,  50/60  Hz  Switchable, 

selectable  internally 


Time  &  Space  Processing,  Inc.  9100-X-XX 

Sunnyvale,  CA 

Ihe  TSP  9100-x-xx  is  a  digital  facsimile  machine.  Each 
facsimile  is  pacikaged  in  a  li^twei^t,  ^rtable 
package  and  is  equipped  with  an  8-1/2"  wide  scanner 
(F2010-1507) ,  thermal  printer  (F2010-0384)  and  paper 
cutter  (F2010-1333) .  The  9100-x-xx  Easy  Fax  comes 
preconfigured  as  ^own  belcw  with  one  or  more  of  the 
following  features:  Strategic  Group  3  protocols, 
MIL-STD-188-161A  (STANAG)  protocols,  MIL-STD-188-161A 
(STANAG  with  FEC)  protocols,  a  110  or  110/220 
switchable  pcwer  supply  and  VDE  pcwer  isolation. 

Base  Unit  with  Following  Included 
Model  No.  Features 


TSP  9100-E 


TSP  9100-A-60 


VDE  Isolatiorv'220v  Base  with  Step 
Down  Transformer 
Strategic  G3  Protocol 
MIIr-STD-188-161A  Protocol  (STANAG 
with  FEC) 

Standard  Base 
Strategic  G3  Protocol 
MIIr-STD-188-161A  Protocol  (STANAG 
with  FEC) 
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Manufacturer 
dty/  State 
Description 

(Continued) 


TSP  9100-A-65 


TSP  9100-A-20 


TSP-9100-A-25 


Interface,  Comraunications  Mitek  Systems,  Inc. 

San  Diego,  CA 

Ihe  SPC-12TE  is  a  Serial  Protocol  Ctoaiiraunications  Interface 
that  provides  signcilling  protocols  ccaipliant  with 
MIIi-STCH-ieiB,  Type  1  Equipment.  The  SPC-12TE  enables 
digital  facsimile  products  to  ccsnraunicate  in  the 
MIL-STD-188-161B  Type  1  inodes  of  c^ieration.  The  SPC-12TE 
is  designed  to  allow  for  placement  directly  below  the 
facsimile  to  conserve  desktop  space.  The  SPC-12TE 
coeomunicates  with  the  facsimile  in  standard  PS-232  and  with 
Government  Rimished  Equipment  in  MIIr-STD-188-114 . 

The  SPC-12TE  has  two  operating  modes;  1)  normal  mode 
(MIIr-STD-l61B  Type  1  protocol)  and  2)  bypass  mode 
(synchronous/asynchronous  protocols) .  The  SPC-12TE  is 
transparent  to  the  cxiraraunications  process  once  the  proper 
selections  have  been  made  from  the  front  panel. 

The  SPC-12TE  operates  at  50/60HZ  and  115  (+/“  10%)  VAC  or 
220/240  (+/“  10%)  VAC.  The  input  power  operating 
characteristics  are  switch  selectable  on  the  SPC-12TE 
enclosure. 

Standard  Features; 

-  External  clock 

-  Normal  mode:  meets  MIIf-STD-188-161B  Type  1 
extended  protocol,  simplex,  half  duplex,  full 
duplex,  broadcast,  unootpressed,  F.E.C. , 
handshake  mode  protocol. 

-  Bypass  mode;  asynchronous  and  synchronous 
protocols 


Model  Mo. 


9100-X-XX 

110  VAC  Power  Supply 

Standard  Base 
Strategic  G3  Protocol 
MIIr-STD-188-161A  Protocol  (STANAG 
with  FEC) 

110/220  Switchable  VAC  Power 
Supply 

Standard  Base 
Strategic  G3  Protocol 
110  VAC  Pcwer  Supply 

StcUTdard  Base 
Strategic  G3  Protocol 
110/220  VAC  Switchable  Power 
Supply 

SPC-12TE 
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Eguipntent  Category 


Model  No 


IAN,  Fiber  Optic 


Manufacturer 
city.  State 
Description 

(Continued)  SPC-12TE 

-  Auxiliary  power  output  for  facsimile 
Resolution:  Normal  mode  (16IB) 

-  a.  100  X  200  LPI(DPI) 

-  b.  200  X  200  LPI(DPI) 

-  c.  100  X  100  IPI(DPI) 

Data  conpression:  MH  coding 

Forward  error  correction:  BCH  coding  (normal  mode) 
Protocol  type: 

Normal  node:  MIL-STD-161B  Type  1  compatible  fax 
Bypass  node  con^tibility:  (equipments  based 
vpcxi  the  follcwing) 

Mit^  850T/850T-1 
Riooh  R-2112T 
magnet 
Riooh  R-2100 

Riooh  3500T  (Rev  1  &  2)  SST  (Rev  J) 
Riooh  R-2110 
Riooh  R-211(M 
Riooh  R3312T(A) 

Interface:  Stu  II,  STO  III,  R3-84,  RS-84A 
Dimensions:  Stand-alone  -  17.4 (w)  x  13.2(d)  x  1.8(h) 
inches 


FiberCora,  IiKorporated  7441-XX 

The  WhisperLarv'DPT-T  is  a  dual  ring,  fault-tolerant, 

I hiRF  802.3  compatible  fiber  cptic  local  area  network. 
The  standard  7441-61  configuration  iroludes  intra-ring 
operation,  120V  supply  voltage,  desk  tcp  packaging, 
62.5/125um  fiber,  and  ST  style  fiber  optic  connectors. 

Configured  Options: 

Base  Part  Number:  7441-XX 

7441-OX:  No  bypass  switch 

7441-5X:  50/125  Fiber  Size 

7441-6X:  62.5/125  Fiber  Size 

X  Connector  Power  Req.  Mounting 


1  ST 

2  ST 

3  ST 

4  ST 


120V/60HZ  Etesk  Tcp 

120V/60HZ  Rack 

240V/50HZ  Desk  Tcp 

240V/50HZ  Rack 
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Equipment  Category 


Network 


Perijiieral  Cabinet 


Manufacturer  Model  Mo. 

City,  state 
Description 

(Continued)  7441-XX 


5  SMA 

120V/60HZ 

Desk  TCp 

6  SMA 

120V/60HZ 

Rack 

7  SMA 

240V/50HZ 

Desk  Tep 

8  SMA 

240V/50HZ 

Rack 

Digital  Equipment  Corporation 

RF-H4005-XX 

Nashua,  NH 

Local  Area  Network  Ccrartiunications  Network.  Uie 
RF-H4005-XX  is  fully  ccnpliant  with  tkft:  802.3.  It 
provides  the  heartbeat  function  and  enplqys  fiber  cptic 
connectivity  between  the  TEMPEST  Ethernet  network  and 
the  TEMPEST  device  connected  to  the  network.  Ihe  basic 
model  includes  the  RF-BNSOl-xx,  RF-Ethemet  cable  kit 
vdiich  includes  the  fiber  optic  c^le  and  the  DC  power 
cable  and  the  BNE-2A-XX  network  interconnect  coaxial 
cable. 

Model  Numbers: 

RF-H4005-AA  TEMPEST  Ethernet  Transceiver,  120  VAC,  60  Hz. 
RF-H4005-AB  TEMPEST  Ethernet  Transceiver,  240  VAC,  50  Hz. 

Mitek  Systems,  Inc.  T5401E 

San  Diego,  CA 

Ihe  T5401E  TEMPEST  SCSI  Peripheral  Cabinet  is  a  general 
purpose  mass  storage  system.  Each  T5401E  Cabinet  can 
accomodate  one  industry  standard  full-hei^t  device 
or  v^to  two  industry  standard  half-hei^t  devices. 

Ihe  cabinet  uses  the  Small  Computer  Systems  Interface  (SCSI) 
for  the  SCSI  interface  readily  connects  to  any  ccmputer 
with  a  SCSI  controller  (i^le  Macintosh,  IBM  or 
compatible  computers,  for  instance) .  Six  cabinets  with 
full  hei^t  devices  or  three  cabinets  with  half-hei^t 
devices  can  be  joined  together  to  form  a  single  unit. 

Mass  storage  devices  can  be  mixed  and  matched  subject 
only  to  SCSI  ID  limitations.  Standard  features  include: 
Si:pplied  with  one  fullHhei^t,  one  half-hei^t,  or  two 
halh-hei^t  storage  devices  of  either  3.5"  form  factor 
or  5.25"  form  factor.  Stackable  interconnecting  cabinet 
design  for  maximum  flexiblity.  Front  door  provides  easy 
access  to  removable  media  and  removable  drives.  lED's 
on  door  shew  drive  and  cabinet  power  status.  Single 
latch  per  door.  Extended  cables  allowing  desk  or  floor 
use.  Single  power  switch.  110/220  VAC, 50/60  Hz. 

Configured  Options: 

Model  Bcisic  Cabinet  with  Included  Options 

(At  least  caie  option  must  be  ordered) 
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Manufacturer 
city.  State 
Description 


T540IE 


Model  No. 


Printer,  Color  Video 


(Continued) 

T5401E-B 

T5401E-XM 

T540IE-XU 


pagif!  cabinet  with  SCSI  cable. 


E}q)ansl^  cabinet,  factory  installed. 
Ejqansion  cabinet.  Field  service 


installed. 


Options  Available  for  all  Models; 


Optical 


Description 


401TP150-H 

401TP4MM--F 

401TP8MM-F 

401FM45S-H 

401FM45B-MH 

401EM45B-DF 

40IFM45B-SF 

401OPCDR-H 

401OPW0R-F 

4010P128-H 

401OPBOD-F 

401HD105-H 

401HD200-H 

401HD350-SF 

401HD350-FF 

401HD400-H 

401HD700-F 


150  MB  1/2  hei^t  streaming  tape  drive. 
1.3  GB  DAT  4  mm  full  hei^t  tape  drive. 
2.5  GB  DAT  8  mm  full  hei^t  Syquest 
retrovable  cartridge  drive. 

45  MB  1/2  hei^t  Syquest  removable 
cartrige  drive. 

45  MB  1/2  hei^t  Bernoulli  removable 
cartric^e  drive,master. 

Dual  45  MB  Bernoulli  removable 
cartridge  drives,  full  hei^t. 

45  MB  full  hei^t  Bernoulli  removable 
cartdrige  drive, slave. 

550  MB  CD  PCM  1/2  hei^t  drive. 

640  MB  WORM  drive,  full  hei^t. 

128  Flc^py  Optical  drive,  1/2  hei^t. 

650  MB  Erasible  Optical 
Drive,  full  hei^t. 

105  MB  1/2  hei^t  Winchester  Disk. 

200  MB  1/2  hei^t  Winchester  Di^. 

350  MB  full  hei^t  Winchester  disk. 

350  MB  full  hei^t  Winchester  Disk,hii^ 
speed  access. 

400  MB  1/2  hei^t  Winchester  Disk. 

700  MB  full  hei^t  Winchester  Disk. 


Hetra  Conputer  &  Coraraunications  3443T 

Sebastian,  FL 

Hi^  resolution  color  video  printer.  Ihe  3443T  is  a 
full  cxDlor  video  printer  that  provides  the  custom^  the 
hipest  quality,  accuracy  and  resolution  of  brilliant 
color  images.  Ihe  3443T  contains  a  built-in,  hi^ 
speed  intelligent  video  processing  interface  vhich 
eliminates  the  need  to  write  any  ^jecial  software  to 
drive  the  printer.  In  addition,  the  3443T  has  the 
ability  to  handle  any  analog  or  TTL  video  image  ip  to  a 
1280  X  1024  resolution. 
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Equipnent  Category 


Printer,  Dot  Matrix 


Printer,  Dot  Matrix 


Maimfeicturer  Model  MO. 

City,  state 
Description 

Dataproduc±s  New  England,  Inc.  90X0~2T-X 

Wallingford,  CT 

The  90X0-2T-X  is  a  family  of  dot  matrix  printers.  The 
9000  models  emulate  the  most  popular  9  pin  dot  matrix 
printers  on  the  market,  i.e.,  IBM  ProPrinter,  and  the 
Epson  FX-86/286E. 

Model  Nos. 

9030-2T-X  -  Basic  configuration:  80  column,  250  cps  at 
10  cpi,  9  wire  dot  matrix,  universal  power 
supply,  Centronics  and  serial  interface 

9040-2T-X  -  Basic  configuration:  132  column,  250  cps  at 
10  cpi,  9  wire  dot  matrix,  xmiversal  power 
supply,  Centronics  and  serial  interface 

Available  Options  on  All  Models: 

“R  Rugged  option  for  MIIi-STD-810D  conpliance 
-E  EMI  option  for  MIL-STD-461C  cosnpliance 
-M  Multi-interface  qption;  RS232,  RS422,  RS423, 
MIL-STD-188C,  and  KSR 
-C  Color  option 

North  Atlantic  Industries,  Inc.  P24-Tte 

Haippauge,  NY 

The  P24-Te  is  a  dot  matrix  iitpact  printer,  capable  of 
printing  at  speeds  up  to  240  cps  in  the  draft  mode.  In 
■toe  letter  qualil^  mode,  the  P24-Te  prints  at  80  cps,  and 
in  the  correspondence  mode  at  120  cps.  The  print  line  is 
136  columns  at  10  pitch,  graphics  resolution  is  180  x  180 
<^i  and  the  standard  buffer  size  can  be  set  to  7K  or  23K. 
Full  Epson  Emulation  and  standard  Gothic  and  Courier 
resident  fonts  ensure  software  compatibility.  The  P24-Te 
prints  seven  colors  and  operates  at  a  quiet  55  dB.  It 
interfaces  using  a  standard  Centronics  Parallel  Interface  or 
an  optional  RS-232  Serial  Interface. 

Model  Number  Descripticai 

P24-Te  (FO)  Basic  Configuration  llOV  US,  Parallel 

Interface,  US  line  cord 

Configured  Options: 


FO 

Line  cord  llOV  US 

FI 

220V  Euro 

F2 

240V  Ifriited  Kingdom 

F3 

220V  Dani^ 

F4 

220V  Swiss 
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Model  No. 


Printer,  Ink  Jet 


Maimfaurturer 
City,  State 
Description 

(Continued)  P24-Te 


ADCsessories; 

A04-S0007-00 

A04-S0008-00 

AP40041A 

AP40040A 

APIAWQ2801A 

APEM»a2901A 

ATPAMQ1501A 

789098 

787670 

787671 


Single  Bin  Sheet  Feeder 
Second  Bin  Optical 
Black  Fabric  Ribbon 
Color  Ribbon 

Prestige  Elite/Tienpo  Font  Cartridge 
OCR-A/Qrator  Font  Cartridge 
64K  Expansion  Buffer  Cartridge 
Sericil  Interface  Asseitbly 
Parallel  Interface  Cable 
Sericil  Interface  Cable 


North  Atlantic  Industries,  Inc.  DesfcJet-Te 

Hai^jpauge,  NY  , 

The  NAI  DeskJet-Te  is  an  equivcilent  to  Hewlett-Packard  s 
DeskJet  product.  It  uses  a  plain  paper,  drcp^n-demand 
thermal  inkjet  printing  methcxi.  Print  speed  is  120  cps 
in  the  letter  totality  mode  and  240  cps  in  the  draft  mode 
vp  to  3  per  minute.  Resolution  in  the  letter  cjuality 

mode  is  300  x  300  (%)i  and  300  x  150  ^i  in  the  draft  mode 
vMle  full  page  graphics  can  be  printed  at  75,  100,  150,  or 
300  dpi.  Ihe  portrait  print  format  includes  5,  6,  10,  12, 
16  ,  67  ,  20,  or  24  pitch  printing  and  6  or  12  point 
prcportional  printing  d^jending  cai  font  selection.  The 
landscape  print  format  includes  10,  16,  67,  or  20  pitch 
printing.  A  built-in  100  ^eet  feeder  handles  letter, 
legal,  and  A4  size  paper  vhile  envelopes  my  be  i^ually 
fed.  Standard  features  include  water-resistant  ink, 
Microsoft  Windows  3.0  cJriver,  Centronics  parallel,  RS-232 
serial  interfacjes,  and  a  16Kbyte  buffer. 


Model  Number  Description 

DeskJet-Tte  (FO)  Basic  Configuration  llOV  US,  US  line 

cord 


Configured  Options; 

FO 

FI 

F2 

F3 

F4 

Accessories: 

Font  Cartri(3ges 


Machine  Type  llOV  US 

220V  Euro 
240V  United 
Kingdom 
220V  Danish 
220V  Swiss 


Full  line  of  HP  InkJet  font 
cartridges 
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Ekraiptnent  Category  Manufacturer  Model  No. 

City,  State 
Description 

(Continued)  DeskJet-Tte 

RAM  Cartridges  128Kbyte  and  256Kl:yte 

Soft  Fonts  Full  line  of  HP  Inkjet  soft  fonts 

Language  Cartridges  Epson  FX-80  and  IHyi  Prqprinter  III 
Interface  Cables  Serial  and  Parallel 

Printer,  Laser  Hu^es  Data  Systems  1L03-T 

Anaheim,  CA 

Ihe  in)3-T  laser  Itinter  is  a  general  purpose  laser 
printer  based  on  the  HP  Laser  Jet  III  for  personal 
ccmputer  and  workstaticsi  hardcopy  output.  Elach  printer 
includes  1  MB  RAM,  a  Centrcaiics  parallel  interface,  an 
RS-232-C  serial/RS-422A  differential  serial  interface, 
letter  size  pc$)er  tray  and  appropriate  power  cord.  The 
standard  printer  features  a  print  speed  of  ip  to  8  ppm 
and  a  300  <%)i  text  and  grc^jhics  resolution.  Ihe  1L03-T 
sipports  additional  memory  via  two  memory  slots.  Add-on 
font  cartridges  are  supported  via  two  font  cartridge 
openings.  Cptional  I/O  is  supported  throu^  an  I/O 
ejpansion  port. 

Options 

Power 

000  U.S.  Versicai  -  115  VAC  /  60Hz 

001-022  International  Version  -  220-240  VAC  /  50  Hz 

Memory  Boards 

101  1  MB  Memory  Expansion 

102  2  MB  Memory  Expansion 

Note:  Ihe  printer  randcm  access  memory  (RAM)  may  be 
exp^ed  by  installing  1  or  2  MB  memory  boards  in  the 
available  two  memory  slots,  for  up  to  a  total  of  5  MB  RAM. 

FOTt  Cartridges 

600  Master  Key  Cartridge  (two  supplied  with  printer) 

601  Word  Perfect 

602  Microsoft 

603  itolii^ed  Wor]csheets 

604  Persuasive  Presentations 

605  Forms  Eltc. 

606  Bar  Codes  and  More 
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Printer,  Laser 


Maimfzicturer  Model  No. 

City,  state 
Description 

(Continued)  in)3-T 

607  Test  Equations 

608  Glctal  Text 

609  Great  Start 

610  ProOollection 

Mitdc  Systems,  Inc.  104TE 

San  Diego,  CA 

Desktop  laser  Printer  based  cai  the  4  page-per-minute 
Hewlett-Packard  LaserJet  IIP  printer.  With  the 
optional  localTalk  interface  (includes  Adobe  PostScript 
cartridge) ,  the  104TE  fully  seaports  Macintodi  software 
and  hardware. 

Configured  options; 

Model  Nuitber: 

104TE  50/60HZ  110-115VAC 

104TE-1  50/60HZ  220-240VAC 

Special  features  included; 

Print  Speed;  4  Pages  Per  Minute 
Interfaces;  RS-232-C  (300-19,200  baud) 

RS-422-A  (300-19,200  baud) 

Parallel  (DB25) 

Paper  size;  Letter,  Le^,  A4,  Executive,  Envelopes 
Correct  Order  Output 
Internal  fonts;  14 
Internal  syirbol  sets;  24 
1  Font  Cartridge  Slot 

Memory;  512kB  (300  dpi  half-page  graces) 

Manory  Eipansion;  2  Memory  slots  available  allows  for 

\jp  to  4.5MB  tot^  memory  using  1MB  and 
2MB  memory  \:|^rades. 

Additional  eptions  available  on  all  models; 

108M101  1MB  memory  ipgrade  (Total  1.5MB) 

108M102  2MB  memory  ipgrade 

104M425  localTalk  Interface  Cption 

Includes;  Basic  Printer  with  localTalk  Interface, 

Adobe  PostScript  Cartri(^e,  IMB  memory  xpgrade. 
104M600  lower  Cassette;  Lett^  Size 
104M601  lower  Cassette;  A4  Size 
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Printer,  Laser 


Manufacturer  Model  No. 

City,  State 
Description 

Mit^  Systems,  Inc.  108TE 

San  Diego,  CA 

Desktop  Laser  Printer  based  c»i  the  8  p>age-per-minute 
Hewlett  Packard  LaserJet  III  printer.  Ihe  LaserJet  III 
utilizes  HP's  innovative  Resolution  Enhancement 
Technology  and  features  HP's  PCL  printer  language  with 
integrated  HP-Gr/2  pen  plotter  language.  With  the 
<^ional  Adobe  PostScript  cartridge  and  i^leTalk 
interface,  the  108TE  fully  si^ports  Macintosh  software 
and  harctufare. 

Configured  options: 

Model  Number: 

108TE  50/60HZ  110-115VAC 

108TE-1  50/60HZ  220-240VAC 

Special  features  included: 

Print  Speed:  8  Pages  Per  Minute 

Interfaces:  RS-232-C,  RS-422-A,  Centronics 

Parallel 

Pajjer  Size:  Letter,  Legal,  A4,  Executive, 

Envelc^jes 

Correct  Order  Output 
2  Font  Cartridge  Slots 

Memory:  1MB  (ejqandable  to  5MB) ,  300  dots 

per  inch  full-page  graphics 

Additional  options  available  on  all  models: 

Ifein  Memory  Options:  Allow  2,  3,  4,  and  5MB 

configurations 

108M101  IMB  additional  memory  (up  to  2 

may  be  used) 

108M102  2MB  additional  memory  (ip  to  2 

may  be  used) 

108M420  AppleTalk  Interface.  Requires 

PostScript  Cartridge  and  IMB  of 
additional  memory  (2MB  total  memory) 

4  port  sericil  interface  card: 

4  port  interface  with  256kB 
Buffer  Memory 

4  port  interface  with  IMB  Buffer 
Memory 

Milti-user  interface  provictes  four  serial  ports  and  a 
buffer  that  si^ports  spooling  and  allows  multiple  users 


Milti-user, 

108M400 

108M401 
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Printer,  laser 


Printer,  Laser 


Manufacturer  Model  No. 

City,  State 
Description 

(Continued)  108TE 

to  share  the  printer.  The  interface  utilizes 
intelligent  buffer  management  and  job  recognition 
algorithms.  All  four  devices  can  input  data 
simultaneously  at  i;p  to  19.2K  baud,  and  activity  by  any 
device  will  neither  step  nor  slew  the  data 
transmission  of  the  other  devices. 

I&ilti-user  4  port  parallel  interface  card: 

108M410  4  port  interface  for  hi^ 

performance  graphics  si:5port 

Mitek  Systems,  Inc.  ISOIE 

San  Diego,  CA 
Base  System: 

The  130TE  TEMPEST  PostScript  Laser  Printer  is  based  on 
and  has  all  of  the  features  of  the  ®1S  PS  810.  These 
include:  a  16MHz  Motorola  based  controller  with  1MB  of 
PCM  and  2MB  of  RAM  (an  additioncil  IMB  of  RAM  is 
optional) ,  35  resident  fonts  fully  scalable  and 
rotatable  from  4  points  vpward,  emulation  of  the  Diablo 
630,  HP  LaserJet  Plus  (HP-PCL) ,  and  the  HP7475A  Plotter 
(HP-GL) ,  a  resoluticMi  of  300x300  dots  per  inch,  and 
RS-232C,  RS-422/ippleTalk,  Centronics  parallel 
interfaces. 

Configured  Options: 

MODEL  NUMBER: 

130TE  50/60HZ  110-115VAC 

130TE-1  50/60HZ  220-240VAC 

Additional  Options  Available  on  all  Models: 

130M100  IMB  Additional  Memory 

Mitek  Systems,  Inc.  T5271E 

San  Diego,  CA 

The  T5271E  is  a  general  purpose  LaserWriter  based  on 
the  l^le  Computer  LaserWriter  IINT  OEM.  Each  unit  is 
equijped  with: 

Cannon  IBP  SX  Laser  Xerographic  Engine 
12MHz  6800  Processor 
1MB  ROM 
2MB  RAM 

RS-422  LocalTalk  Interface 
RS-232C  Interface 

300x  300  dots  per  inch  (dpi) ,  full  page 
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Manufeicturer  Model  No. 

CLty,  State 
Description 

(Continued)  T5271E 

11  fonts  Families 

8  Pages  per  minute  maximum  throu^out 

Adobe  PostScript  and  subset  of  Diablo  630  commarids 

Letter,  Legal,  A4  and  B5  size  paper  trays 

16  to  20  pound  single-^eet  photoo(^jy  bond 

8  to  34  pound  letterhead  and  colored  stocdc 

Tran^jarency  overhead  film 

Envelope  cassette  edacity  of  15  envelopes 

90  to  126  VAC  50/60  Hz 

Shielded  Fewer  cord  included 

Utilities  software  and  manual  included 

Options  available  for  T5271E 

600M400  LocalTalk  Network  Interface  Connector  Kit 
(includes  2  Meter  LocalTalk  Cable) 

600M401  10  Meter  LocalTalk  Network  Cable 
600M402  25  Meter  localiaik  Network  Cable 

North  Atlantic  Industries,  Inc.  Las^  III-Te 

Hav:ppauge,  NY 

The  NAI  Laser  III-Te  is  an  equivalent  to  Hewlett 
Packard's  Laser  III  printer.  It  can  print  vp  to  8 
pages  per  minute  producing  resolution  enhanced  300  dot 
per  inch  text  and  graphics.  The  Laser  III-Te  is 
capable  of  printing  on  cutsheet  paper,  transparencies, 
and  envelcpes.  Standard  features  include  a  200  sheet 
irput  tray,  bitmapped  and  scalable  internal  fonts,  IMB 
RAM,  and  Centronics  Parallel,  and  RS-232-C/RS-422-A 
Serial  (300-19,  200  baud)  interfaces.  Ihe  Laser 
IIID-Te  option  includes  a  second  200  ^eet  irput  tray 
and  IXplex  printing  (both  sides  of  the  paper) . 

Model  Numbers  Description 

Laser  III-Te  (FIOOO)  Basic  Configuration  -  llOV  US, 
Laser  IIID-Te  (FIOOO)  1  MB  Serial  and  Parallel 

interfaces,  US  line  cord 


Ordered  Options; 


1.  FI — 

F2 - 

F3 - 

F4 - 

F5 - 

2 .  F-0 —  Meanory 
F-l~ 

F-2— 

F-3— 


llOV  US  Standard 
220V  Euro  Engli^ 
220V  Euro  German 
220V  Euro  Spanish 
220V  Euro  French 
0  MB  Additional 

1  MB  Additioncil 

2  MB  Additional 

3  MB  Additional 


Ifadhine  Type 
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Printer,  Laser 


Manufacturer  Model  Mo* 

City,  State 
Descripticai 


(Continued) 


F-4— 

3.  F— 0- 

OpticxiEil 

F— 1- 
F— 2- 
F— 3- 
F— 4- 

Interfaces 

4.  F - 0 

F - 1 

F - 2 

F - 3 

F - 4 

Line  Cord 

laser  III-Te 
4  MB  Additicaial 
Nc»ie 

Serial  ShareSpool,  1  Meg 

Serial  ShareSpool,  256K 

Parallel  ShareSpool,  1  Meg 

^^leTalk 

IIOV  US 

220V  Euro 

240V  United  Kingdom 
220V  Danish 
220V  Swiss 


AOCESSOKEES; 

Letter,  Legal,  A4,  Executive, 

Envelope 

Full  line  of  stanciard  HP 
bitmapped  and  scalable  font 
cartridges 

Stardard  HP  Adcbe  Postscript, 

Epson  Fj</IEM  Prc^rinter' 

Serial,  Parallel,  ShareSpool,  and 
;^letalk 

North  Atlantic  Industries,  Inc.  Laser  IIP-Tte 

Hai;5pauge,  NY 

Ihe  NAI  Laser  IIP-Te  is  an  equivalent  to  Hewlett  Packard's 
Laser  IIP  printer.  Producing  vp  to  4  pages  per  minute 
with  a  300  dot  per  inch  resolution  the  Laser  IIP-Te  is 
capable  of  printing  on  cutsheet  paper,  transparencies, 
and  envelopes.  Standard  features  include  a  50  ^eet 
multi-purpose  input  tray,  fourteen  internal  fonts,  512K 
RAM  and  Centronics  Parallel  and  RS-232-C/RS-422-A  Serial 
(300-19,200  baud)  interfaces. 

Model  Number  Description 

Laser  IIP-Te  (FIOOO)  Basic  Oongfig.  110  V  US,  512K  Serial 

and  Parallel  interfaces 
US  line  cord 

configuration  number  from 

llOV  US  Std. 

220V  Euro  Engli^ 

220V  Euro  German 
220V  Euro  Spani^ 

220V  Euro  French 
0  MB  Additional 
1  MB  Additional 
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Configured  Options:  (build 
list  belcw) 

1.  FI —  Machine  Type 
F2 — 

F3 - 

F4 - 

F5 - 

2.  F-0 —  Memory 
F-1— 


Paper  Trays 
Font  Cartridges 

Language  Cartridges 
Interface  Cables 


Equipment  Category 


Model  Mo 


Scanner 


Scanner,  Color 


Manufacturer 
City,  State 
Description 


(Continued) 

F-2~ 

F-3— 

F-4~ 

3.  F— 0- 
F--1- 
F--2- 

4.  F - 0 

F - 1 

F - 2 

F - 3 

F - 4 

Accessories: 


Laser  IIP-Te 

2  MB  Additional 

3  MB  Additional 

4  MB  Additional 

Interfaces  Serial  and  Parallel 

Serial  ShareSpool 
i^leTalk,  Serial  and 
Parallel 

Line  Cord  llOV  US 

220V  Euro 

220V  United  Kingdom 
220V  Dani^ 

220V  Swiss 


H33472A 

Font  Cartridges 
language  Cartridges 
Interface  Cables 


Lcwer  Cassette  250  sheet  itput 
tray 

Full  line  of  HP  font 
cartridges 

Ad(±)e  Postscript,  Epson  Fj^IBM 
Preprinter 

Serial,  Parallel,  ShareSpool 
and  ^pleTalk 


Hetra  Ccatrputer  &  Ccramunications  9301T-X 

Sebastian,  FL 

Hi^  resolution,  hi^  speed  flat-bed  CCD  Grayscale  Graphics 
Scanner  capable  of  capturing  256  levels  of  gray  with  8-bit 
grayscale  or  16  levels  of  4-bit  grayscale.  Ihe  9301T-X 
acc^ts  originals  of  8.5  x  11.7  inches  and,  with  the 
optional  automatic  document  feeder,  can  accept  ip  to  8.5  x 
14  inch  originals.  Scaling  ranges  frem  4  to  200%.  At  300 
(^i  and  100%  scaling,  the  9301T-X  has  a  resolution  of  2.8 
lines  per  millimeter  in  the  X  and  Y  directions.  Output 
files  are  ocstpatible  with  TIFF,  Microsoft  Paint,  GEM,  EPSF, 
and  PC  Paintbru^.  The  basic  unit  will  have  a  proprietary 
interface. 

Configured  Cptions: 

9301T-1  Basic  Unit  with  Parallel  Interface 

Additional  Options: 

52254  Automatic  Document  Feeder 

SFA,  Inc.  TCS-300 

Landover,  MD 

The  TCS-300,  based  on  the  Sharp  Model  JX-300  Scanner, 
is  a  versatile  flatbed  color  scanner  ideally  suited 
for  scanning  different  sized  documents  or  for  scanning 
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Model  Mo. 


Server  Processor 


Server  Processor 


Tape  Drive 


Manufacturer 
City,  state 
Description 

(Continued)  TCS-300 

information  from  bound  material.  The  scanner  may  be 
set  to  operate  in  either  color  or  mcsiochrome  modes 
to  300  X  300  dots  per  inch  resoluticai.  The  TCS-300  is 
conpatible  with  iEEE-488  (GPIB)  interface. 

Digital  Equipment  Oorporatirai  RF-DEOH-XX 

Nashua,  NH 

The  RF-VT320-XX  is  a  mcaiochrcme  text-only  video  terminal. 

The  screen  measures  14”  diagcaial  and  is  flat.  All 
electronics  for  the  terminal  are  housed  within  the  monitor. 
The  RF-IK201-XX  ke^xsard  is  used.  One  ccram  port  and  one 
printer  are  included  in  the  basic  model.  The  terminal  is 
set  for  120  or  240  volt  operaticai  at  the  factory  ty  a  jxarper 
wire;  50  or  60  Hz  power  can  be  used. 

Configured  Opticxis: 

RF-VT320-A2;  120  Volt  with  attached  power  cord-no  keyboard. 
RF-vr320-A3;  240  Volt,  IK)  power  cord,  no  keyboard. 
RF-Vr320-AA;  RF-VT320-A2  with  RF-IiQOl-AA,  USA  keycaps. 
RF-VT320-DA;  RF-Vr320-A2  with  RF-IiC201-BA,  US^WPS  keycaps. 
RF-VT320-AB;  RF-Vr320-A3  with  RF-IIQOI-AA,  IBA  keycaps. 
RF-Vr320-DB;  RF-VT320-A3  with  RF-IK201-BA,  USVWPS  keycaps. 

Digital  Equipment  Corporation  RF-DSRVB-XX 

Na^ua,  NH 

The  RF-DSRVB-XX  provides  the  interface  for  ei^t 
asynchronous  RS-232  devices  to  Digital's  TEMPEST 
Ethernet.  The  eight  serial  data  communication  channels 
run  at  rates  up  to  19.2Kb/s.  The  local  area  network 
ccamecticai  is  supplied  by  the  SIU  interface,  vhich 
provides  lOMB/s  data  throu^put  to  the  TEMPEST 
Ethernet.  The  TEMPEST  Ethernet  connection  is  made  by 
fiber  optic  link  using  a  TEMPEST  fiber  cptic  tap  (the 
RF-H4000)  attached  to  the  bacddxsne  coax  cable. 

Model 

RF-DSRVB-AA  TEMPEST  CSiCserver  200,  120  VAC,  60  Hz 
RF-DSRVB-AB  TEMPEST  DECserver  200,  240  VAC,  50  Hz 

SEA,  Inc.  TGP-802 

Landover,  MD 

The  TGP-802  is  a  stand-alone  8inm  tape  drive  assembly, 
using  the  helican-scan  technology.  It  is  powered  from  a 
110V/220V  AC  source  and  uses  a  standard  SCSI  data 
interface.  The  unit  has  a  nominal  storage  capacity  of 
2.3  GBytes  and  a  transfer  rate  of  246kB.  The  major 
ccmponents  are: 
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Terminal 
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(Continued)  TGP-802 

EXB-8200  Tape  Drive  (Exabyte  Corporation) 

Fewer  Si^jply 
Fewer  Line  Filter 

Options; 

Model  No. 

Aex^ess  Keyswitch  802-01 

Remote  Address  Option  802-02 

Digital  Equipment  Corporation  RF-vr320-XX 

Nashua,  NH 

The  RF-VT320-XX  is  a  monocdircme  text-only  video  terminal. 

The  screen  measures  14"  diagonal  and  is  flat.  All 
electronics  for  the  terminal  are  housed  within  the  monitor. 
The  RF-IIQOl-xx  keyboard  is  used.  One  comm  port  and  one 
printer  are  included  in  the  basic  model.  The  terminal  is 
set  for  120  or  240  volt  operation  at  the  factory  by  a  juitper 
wire.  50  or  60  Hz  power  can  be  used. 

Configured  Options; 

RF-vr320-A2;  120  Volt  with  attached  power  cord-no  keyboard. 
RF-VT320-A3;  240  Volt,  no  power  cord,  no  ke^^xard. 
RF-Vr320-AA;  RF-Vr320-A2  with  RF-IK201-AA,  USA  keycaps. 
RF-VT320-EA;  RF-VT320-A2  with  RF-1K201-BA,  USVWES  keycaps. 
RF-Vr320-AB;  RF-Vr320-A3  with  RF-IK201-AA,  USA  keycaps. 
RF-VT320-DB;  RF-VT320-A3  with  RF-IiC201-BA,  USA/WPS  keycaps. 

Digital  Equipment  Corporation  RF-VX120-XX 

Na^ua,  NH 

The  RF-VX120-XX  DECwindow  terminal  is  a  monoohreroe,  hi^ 
resolution,  bitmapped  X  Window  System  terminal.  The 
terminal  may  be  connected  to  single  or  multiple  hosts  via 
Digital's  TEMPEST  ETHERNET.  Either  fiber  optic  ETHEKNET  or 
the  standard  15-pin  IEEE  802  connectorization  is  allowed. 
Multiple  application  windows  may  be  used  for  information, 
and  the  terminal  (conforms  to  open  standards. 

Configured  Options 

Model  Basic  Iftiit  with  Included  Options 

All  basic  units  include  VXlOA  system  unit, 

2Mb  memory,  RF-IK201-FA  kejtoard,  and  VSXXX 
mouse. 

RF-VX120-AA  TEMPEST  DECwindows  Terminal,  15-pin  ETHERNET 
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(Continued)  RF-VX120-XX 

port,  120v 

RF-VX120-AB  TEMPEST  DElCVindcws  Terminal,  15-pin  ETHERNET 
jxort,  240v 

RF-VX120-BA  TEMPEST  EECX/indcws  Terminal,  Fiber  cptic 
EIHERNET  port,  120v 

RF-VX120-BB  TEMPEST  CEO/indcws  Terminal,  Fiber  cptic 
ETHERNET  port,  240v 

Options  for  RF-VX120-AA  and  RF-VS120-BA  ONLY 

RF-VE?260-AA  Monochrone  hi^  resoluticai  monitor,  120v 
RF-YE1260-A3  Monochrome  hi^  resoluticai  monitor,  240v 

Options  Available  for  All  Models 

VX10X-44D  1Mb  meanory  i:pgrade 

Terminal,  X-Windows  Hetra  Conputer  &  Ctomraunications  X-130T 

Sebastian,  FL 

The  Model  X-130T  attaches  to  the  RISC-6000/320T  Workstation 
via  Ethernet  and  Token-Ring  IANS  and  uses  X-Window  System 
allowing  users  to  VR3rk  with  graphics  applications  that  run 
remotely.  The  X-130T  uses  a  hi^  performance  graphics 
processor  to  execute  display,  windowing,  keihoard  and  mouse 
cxanmands. 

The  Basic  Unit  is  equipped  with: 

32MHz  TMS34020  Text/Gr^hic  I>rocessor;  12.5MEIZ  I/O 
Processor. 

IMByte  Video  Memory,  Eipandable  to  2MByte;  2MByte  System 
Memory  ejpandable  to  16MByte. 

■'P-inch  Color  Monitor,  Model  4820T. 

101-lT  Keyboard. 

Ethernet  Hi^  Perforarance  LAN  adapter. 

Monitors  Sipperted:  (Auto  Configuration) 

640  X  480 
1024  X  768 
1280  X  1024 

Sericil  and  Parallel  Ports. 
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(Continued)  X-130T 

Options  to  the  X-130T  are  Listed  Below: 

Token  Ring  Hi^  Performance  Adapter. 

J^llo  Computer,  Incorporated  TIU3500 

North  Billerica,  MA 

Ihe  TCN3500-M6C-19-R-X  is  a  personal  vrorkstation  equipped 
with  a  32  bit,  25MHz  MC68030  micrcprocessor  and  a  7-slot 
lEM  PC  AT-ccmpatible  bus  interface.  It  has  a  MC68882 
floating  p»int  coprocessor,  8MB  of  RAM,  and  three  RS-232 
SIO  ports.  A  lew  profile  detachable  keit)oard  with  32 
programmable  functicai  keys,  numeric  keypad,  and  mouse 
irput  device  is  provided.  A  19-inch  monochrome,  1280  x 
1024,  64Hz  non-interlaced  display  is  the  standard 
display  configuration.  Uie  IAN  is  a  fiber  optic 
version  of  the  standard  12MB/sec  baseband  i^llo  token 
ring  network.  Mass  storage  is  provided  by  a  348MB 
(formatted)  HS  ESDI  Winchester  disk.  The  removable 
media  is  a  60MB  1/4-inch  cartridge  tape  drive. 

TCN3500^6C-19-R-8  -  Basic  Configuration 
TDN3000^6C-19-R-16  -  Basic  Configuration  with  Additional 

8MB  RAM 


Option 

OCM-SCAT  (10)-R2-C  -  X.25  Serial  Controller 

Datawatch  Corporation  X86/020 

Wilmington,  MA 

Ihe  Datawatch  X86/020  is  a  cosnopact  diskless  workstation 
intended  for  networking  applications.  With  rational 
proms,  the  X86/020  can  be  booted  from  the  network  server 
or  remote  host.  Optional  disk  emulating  EPROMS  (i:p  to 
2.4MB)  can  be  easily  loaded  with  the  Xll  X  Windows 
server.  Based  on  an  80386SX  processor  running  at  16 
MHz,  each  standard  workstation  eilso  includes  8  I/O 
e>q>ansion  slots,  an  enhanced  101-key  lockable  ke^hoard, 
and  a  200  watt  110/220  VAC  power  supply.  Maximum 
on-board  memory  is  8MB.  Display  options  include  VGA 
color  graphics  on  14  inch  screens  and  hi^-resolution 
1280  X  1024  color  gr^hics  on  16  inch  screens. 
Communications  options  available  include  ethemet  and 
industry  standard  serial  and  parallel  interfaces.  A 
mouse  is  available. 

Basic  Unit: 

Enhanced  101  key  lockable  ke^hoard 
8  I/O  ejpansicxi  slots 
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(Continued)  X86/020 

Each  basic  unit  must  be  ordered  with  one  of  the  follcwing 
inemory  options  installed: 

JM-Ol  1MB  RAM  on  CEU  board 

FM-02  2MB  RAM  cai  CHJ  board 

FM-03  4MB  RAM  on  CHJ  board 

RM-04  a©  RAM  on  CHJ  board 

EM-05  SMB  RAM  on  CHJ  board 

Each  basic  unit  must  be  ordered  with  one  of  the  following 
video  ad^3tors  installed: 

CM-01  VGA  Adaptor  Board 

HM-OIA  Hi^-resolution  TIGA  Interface  Adaptor  Board 
(1280  X  1024)  ,  512KB  CRATVIMB  VRAM 
HM-OIB  Hi^-resolution  TIGA  Interface  Adaptor  Board 
(1280  X  1024) ,  512KB  EK^ZMB  VRAM 
HM-OIC  Hi^-resolxiticai  TIGA  Interface  Adaptor  Board 
(1280  X  1024) ,  2MB  ERA^/iMB  VRAM 
HM-OID  Hi^-resolution  TIGA  Interface  Adaptor  Board 
(1280  X  1024)  ,  2MB  ERAH/2MB  VRAM 
HM-OIE  Hi^-resolution  TIGA  Interface  Adaptor  Board 
(1280  X  1024) ,  4MB  ERAIVIMB  VRAM 
HM-OIF  Hi^-resolution  TIGA  Interface  Adaptor  Board 
(1280  X  1024) ,  4MB  I»AH/2MB  VRAM 

Additional  Options  available  on  all  models: 

RD-01  1.2MB  ROM  Disk 

RE-01  RAM  Expansion  Card 

CP-01  80387SX  Efeth  Cc^rocessor 

SP-01  9  Pin  Serial  Port  (4  Max  SP-01  &  02) 

SP-02  25  Pin  Serial  Port  (4  Max  SP-01  &  02) 

PE^Ol  Parallel  Port  (2  Max.) 

EP-01  WD  8003EB  8  Bit  Ethernet  (ADI) 

EP-02  WD  8003EB  8  Bit  Ethernet  (RG58) 

EP-03  Fiber  Optic  Ethernet  Adaptor 

BP-01  Novell  Netware  Boot  Prcm  for  EP-01  and  EP-02 

BP-02  Novell  Netware  Boot  Prom  for  EP-03 

MS-01  Logitech  Bus  Mouse 

KB-01  US/UK  Kei*)oard  Option 

KB-02  Belgian  Keitoard  Ass'y 

KB-03  Canadian  Keyboard  Ass'y 

KB-04  Dani^  Ke^3oard  Ass'y 

KB-05  French  Ke^xerd  Ass'y 

KB-06  German  Keyboard  Ass'y 

KB-07  Italian  Ke^xard  Ass'y 

KB-08  Latin  American  Keitoard  Ass'y 

KB-09  Netherlands  Keitoard  Ass'y 
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(Continued)  X86/020 

KB^IO  Norwegian  Reitxoard  Ass'y 
KB-11  Portuguese  Keitoard  Ass'y 
KB-12  Spanidi  Keit)oard  Ass'y 

KB-13  Swedi^  Keitxoard  Ass'y 

KB-14  Swiss  Ke^toard  Ass'y 

KB-15  Xfiiited  Kingdom  Keitoard  Ass'y 

VM-14  14"  VGA  Mcxiitor  (For  use  with  CM-01 

VGA  Adaptor) 

HB-16  16"  Hi-Res  Monitor  (For  use  with  HM-OIA.  .F 

TIGA  Video  Adaptor) 

Workstation  Datawatcii  Corporation  X86/540X 

Wilmington,  MA 

Ihe  EATAWATCH  X86/540  is  a  hi^ily  configurable  ootrputer 
workstaticHi  based  on  a  25MHz  80386  processor  and  incor¬ 
porating  an  intelligent  bit-master  SCSI  host  adaptor. 
Each  standard  workstation  also  includes  4MB  32  Bit  RAM, 
65KB  SRAM  cache  memory,  a  1.2MB  5.25"  floppy  disk 
drive,  and  an  enhanced  101  key  lockable  keyboard,  8  I/O 
ej^ansion  slots,  and  a  220  watt  110/220  VAC  power 
sij^ly.  Ihe  chassis  provides  5  half-hei^t  media  bays 
Vihich  may  be  (^ticaially  configured  with  a  variety  of 
SCSI  devices  including  hard  disk  drive,  cartridge  disk 
drives  and  streaming  tape  drives.  Maximum  on  board 
memory  is  20MB  with  total  system  memory  es^andable  to 
28MB  via  a  32  bit  hi^  speed  ej^ansion  board. 

Configured  Options: 

Model  Basic  Unit  with  Included  Options 

DAIAWATCH  X86/540M  MM-01  Moncxhrcme  Adaptor 

WM14  Monochrome  Monitor 

DAIAWATCH  X86/540V  CM-01  VGA  Adaptor  Board 

DAIAWATCH  X86/540H  HM-01  Hi-Res  Adaptor  Beard 

Additional  Options  Available  on  All  Models: 

BM-01 
RM-02 
RM-03 
RM-04 
RE-01 
RE-02 
CP-01 
CP-02 
DF-01 
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(Continued) 

X86/540X 

DF-02 

1.4MB  3.5"  Floppy  Disk  Drive 

DS-01 

4(»ffi  SCSI  Hard  Disk  Drive,  1/2  Ht. 

DS-03 

103©  SCSI  Disk  Drive,  1/2  Ht. 

DS-06 

33(»ffi  SCSI  Bard  Disk  Drive,  Full  Ht. 

DS-07 

66(»ffi  SCSI  Hard  Disk  Drive,  Full  Ht. 

DC-01 

SyQuest  555R  44MB  Cartridge  Drive 

ET-Ol 

15(»ffi  SCSI  Streaming  Tape 

SP-01 

9  Pin  Serial  Port  (4  Max  SP-01  &  02) 

SP-02 

25  Pin  Serial  Port  (4  Ifax  SP-01  &  02) 

SP-04 

Intelligence  4  Port  Serial  Interface 

SP-08 

Intelligent  8  Port  Serial  Interface 

PP-01 

Parallel  Port  (2  Max.) 

EP-05 

WD  8013EBr  8  Bit  Ethernet  (ADI) 

EP-06 

WD  8013EBr  8  Bit  Ethernet  (RG58) 

MS-01 

Icgitech  Bus  Mouse 

ES-01 

External  SCSI  Port 

KB-01 

US/UK  Ke^xjard  Option 

KB-02 

Belgian  Ke^hoard  Ass'y 

KB-03 

Canadian  Keihoard  Ass'y 

KB-04 

Dani^  Keyboard  Ass'y 

KB-05 

French  Ke^xerd  Ass'y 

KB-06 

German  Reitoard  Ass'y 

KB-07 

Italian  Keyboard  Ass'y 

K&-08 

Latin  American  Keihoard  Ass'y 

KB-09 

Netherlands  Keihcard  Ass'y 

KB-10 

Norwegian  Keyboard  Ass'y 

KB-11 

Portuguese  Keihoard  Ass'y 

KB-12 

Spanish  Keihoard  Ass'y 

KB-13 

Swedish  Keihoard  Ass'y 

KB-14 

Swiss  Keyboard  Ass'y 

KB-15 

IMited  Kingdom  Keihoard  Ass'y 

Additional  Options  Available  on  DATAWATCH  X86/540V: 

VM14  14''  VGA  Monitor 

NM14  14"  Multisyncing  Monitor 

Additional  Options  Available  on  DATAWATCH  X86/540H: 

HM20  20"  Hi-Res  Monitor 

Datawatch  Corporation  X86/550 

Wilmington,  MA 

Ihe  DATAWATCH  X86/550  is  a  hi^ily  configurable  ccsrputer 
workstation  based  on  a  33MHz  80386  processor  and 
incorporating  an  intelligent  bus-master  SCSI  host 
adaptor.  Each  standard  workstation  also  includes  4MB  32 
Bit  RAM,  64KB  SRAM  cache  memory,  a  1.2MB  5.25"  flqfpy 
disk  drive,  and  an  enhanced  101  key  lockable  keihoard. 
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(Continued)  X86/550 

8  I/O  e}q>ansion  slots,  and  a  220watt  110/220VAC  power 
su^ly.  The  chasis  provides  5  half-4iei^t  media  bays 
vMch  may  be  optionally  cxaifigured  with  a  variety  of 
SCSI  devices  including  hard  disk  drives,  cartridge 
disk  drives  and  streaming  tape  drives.  Maximum  on 
board  memory  is  SMB  with  total  system  monory  expandable 
to  28MB  via  a  32  bit  hi^  ^)eed  ej^jansion  board. 

Configured  Cpticxis: 

Basic  unit  w/ 

Model  Included  options 

DAIAWATCH  X86/55QM  MM-01  Monochroame  Adaptor 

WM14  Monochrome  Monitor 

DftTAWATOi  X86/550V  CM-01  VGA  Adaptor  Board 

DAIAMATCH  X86/550H  HM-01  Hi-Ites  Adaptor  Board 

HM-02  Hi-Res  TIGA  Interface 
Adaptor  Board 

Additional  Cpticais  available  on  all  models: 

BM-01  Additional  1MB  32  Bit  RAM  on  CPU  board 

RM-02  AdditicMTcil  4MB  32  Bit  RAM  on  CEU  board 

BM-03  16MB  RAM  CMl  CEU  board  in  lieu  of  std  4MB 

RM-04  AdditicHial  16MB  32  Bit  RAM  cai  CEU  board 

RE-01  4MB  32  Bit  RAM  Expansicai  Board 

RE-02  SMB  32  Bit  RAM  Ebqiansion  Board 

CP-01  Intel  33MHz  80387  Numeric  Ccprocessor 
CP-02  Weitek  33MHz  3167  Iknueric  Coprocessor 
DF-01  1.2MB  5.25”  Floppy  Disk  Drive 

DF-02  1.4MB  3.5"  Floppy  Disk  Drive 

DS-01  40MB  SCSI  Disk  Drive,  1/2  Ht. 

DS-03  105MB  SCSI  Hard  Disk  Drive,  l/2Ht. 

Additional  Options  available  on  all  models: 

DS-06  330MB  SCSI  Bard  Disk  Drive,  Full  Ht. 

DS-07  660MB  SCSI  Hard  Disk  Drive,  Full  Ht. 

DS-08  1GB  SCSI  Hard  Disk  Drive,  Full  Ht. 

DC-01  SyQuest  555R  44MB  Cartridge  Drive 

DT-Ol  150MB  SCSI  Streaming  Tape 

SP-01  9  Pin  Sericil  Port  (4  Max  SP-01  &  02) 

SP-02  25  Pin  Serial  Port  (4  Max  SP-01  &  02) 

SP-04  Intelligent  4  Port  Sericil  Interface 

SP-08  Intelligent  8  Port  Serial  Interface 

PP-01  Parallel  Port  (2  Max.) 

EEM)5  WD  8013EBT  8  Bit  Ethernet  (AUI) 

EP-06  WD  8013EBT  8  Bit  Ethernet  (RG58) 
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(Continued) 

MS-01 

ES-01 

KB-01 

KB-02 

KB-03 

KB-04 

KB-05 

KB-06 

KB-07 

KB-08 

KB-09 

KB-10 

KB-11 

KB-12 

KB-13 

KB-14 

KB-15 


X86/550 

logitech  Bus  Meuse 
External  SCSI  Port 
US/UK  Kei^Doard  Option 
B^gian  Kei^Doard  Ass'y 
Canadian  Rej^xiard  Ass'y 
Danidi  Keyboard  Ass'y 
French  Re^xoard  Ass'y 
German  Keyboard  Ass'y 
Italian  Re^xard  Ass'y 
Latin  American  Re^xard  Ass'y 
Netherlands  Keyboard  Ass'y 
Norwegian  Reybaord  Ass'y 
Portuguese  Re^xard  Ass'y 
Spanish  Rej^xard  Ass'y 
Swedi^  Re^lxard  Ass'y 
Swiss  Rei^xard  Ass'y 
United  Kingdom  Rei^xard  Ass'y 


Additional  Options  available  on  DMAWATCH  X86/550V; 


VM14  14"  VGA  Monitor 

NM14  14"  Multisyncing  Ifonitor 


Additioral  Options  available  on  DATAWATCH  X86/550H: 

HM16  16"  HiRes  Monitor 

HM20  20"  HiRes  Monitor 


Hetra  Corputer  &  Coraraunications  RISC-6000/320T 

Sebastian,  FL 

Ihe  Model  RSIC-6000/320T  is  a  Hi^  Performance  Desktop 
Workstation  which  can  easily  be  converted  to  a  floor 
standing  model.  Ihe  basic  unit  is  equipment  with: 

-  20  MHz  pewer  architecture  processor  with  8K  byte 
instruction  cache,  32k  byte  data  cache  and  64  bit 

memory  bus. 

-  8  MByte  memory  (expandable  to  32  MByte) . 

-  4  Micro  Channel  I/O  Slots. 

-  3.5  Inch  1.44  MByte  Flqfpy  Drive. 

-  Three  5.25  inch  Drive  Bays  configured  with  (1)  120  MByte 
Removable  Disk  Drive,  (1)  320  MByte  SCSI  Removable  Disk 
Drive  and  (1)  150  MB^te  1/4  inch  Cartridge  Tape  Drive. 

-  (1)  SCSI  Controller. 

-  (1)  8-Bit  3D  Color  Gr^hics  Adapter  Model  No.  2780. 

-  101-lT  Keyboard. 

-  19  inch  Color  Monitor,  Model  4820T. 

-  1003T  3-Button  Mouse. 

-  (2)  Serial  Ports. 
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(Continued)  KESC-6000/320T 

-  (1)  Parallel  Port. 

-  (1)  SCSI  Port. 

-  Ethernet  Hi^  Performance  Ian  Adapter. 


Options  to  the  RISC-6000/320T  are  listed  belcw; 

-  lEM  Token  Ring  Hi^  Performance  Network  Adapter 
MDdel  No.  2970. 

-  Grayscale  Graphics  Adapter  Model  No.  2770. 

lEM  Corporaticai  4405 

Gaithersburg,  MD 

Ihe  lEM  TEMPEST  Personal  Systen/2  Model  70-386 
workstation  is  a  general  purpose  ccnpiter,  equipped 
with  an  80386  CPU,  2MB  RAM,  am  RS-232  asynchronous 
port,  one  parallel  port,  a  video  controller,  mouse,  and 
keyboard  interfaces.  The  System  Unit  includes  a  3.5”, 
1.44MB  Diskette  Drive  (lEM  No.  6450353) . 

A  TEMPEST  101-key  key4x>ard  (lEM  No.  137A640)  is 
included  as  part  of  this  basic  configuration. 

Three  Adapter  Card  slots  are  provided  for  additional 
feature/options . 

The  workstation  operates  autcraatically  on  Wbrld-Wide 
Pcwer. 


The  lEM  TEMPEST  PS/2  12”  VGA  Color  Display  4406-T01 
(llOV) ,  4406^2  (220V)  ;  and  the  lEM  TEMPEST  PS/2  16” 
VGA  Color  Display  4409-T01  (llOV) ,  4409-T02  (220V) ,  are 
available  for  use  with  this  workstation. 

4405  T16E  TEMPEST  PS/2  Model  70  with: 

System  1 

16MH2  80386  Processor 
6(»1B  Fixed  Disk  Drive  4405-501 
1.44MB  Diskette  Drive 
2MB  RAM 

VGA,  Serial,  Parallel,  Mouse,  Ports 
101-key  Keyboard 
3  Available  Slots  for  Options 

4405  T16E  TEMPEST  PS/2  Model  70  with: 

System  2 

16MHz  80386  Processor 
TEMPEST  PS/2  Portable  Disk  Drive 
4407  T  and  Ad^ter 
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Model  No 


Manufacturer 
City,  State 
Description 


(Cc»itinued) 


4405  T16E 
System  3 


4405  T20E 
System  1 


4405  T20E 
System  2 


4405  T20E 
System  3 


4405 

PS/2  1191B  Portable  Disk  Drive 
Module  4407  TOl 
1.44MB  Diskette  Drive 
2MB  PAM 

VGA,  Serial,  Parallel,  Mouse,  Ports 
101-key  Ke^ooard 
2  Available  Slots  for  Options 

TEMPEST  PS/2  Model  70  with: 

16MHz  80386  Processor 
TEMPEST  PS/2  Portable  Di^  Drive 
4407  T  and  Adapter 
PS/2  314MB  Portable  Disk  Drive 
Model  4407  T02 
1.44MB  Diskette  Drive 
2MB  PAM 

VGA,  Serial,  Parallel,  Mouse,  Ports 
101-key  Keit)oard 

2  Available  Slots  for  Options 

TEMPEST  PS/2  Model  70  with: 

2(Miz  80386  Processor 
120MB  Fixed  Disk  Drive  4405-502 
1.44MB  Diskette  Drive 
2MB  PAM 

VGA,  Serial,  Parallel,  Mouse,  Ports 
101-key  Keiixsard 

3  Available  Slots  for  Options 

TEMPEST  PS/2  Model  70  with: 

20MHz  80386  Processor 
TEMPEST  PS/2  Portable  Disk  Drive 
4407  T  and  Adapter 
PS/2  113©  Portable  Disk  Drive 
Module  4407  TOl 
1.44MB  Diskette  Drive 
2MB  PAM 

VGA,  Serial,  Parallel,  Mouse,  Ports 
101-key  Ke^ooard 
2  Available  Slots  for  Options 

TEMPEST  PS/2  Model  70  with: 

20MHz  80386  Processor 
TEMPEST  PS/2  Portable  Disk  Drive 
4407  T  and  Adapter 
PS/2  314MB  Portable  Disk  Drive 
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City/  State 
Description 

(Continued)  4405 

Module  4407  T02 
1.44M3  Distette  Drive 
2MB  RAM 

VGA,  Serial,  Parallel,  Mouse,  Ports 
101-key  Keyboard 

2  Available  Slots  for  Options 

4405  T25E  TEMPEST  PS/2  Model  70  with: 

System  1 

2^1EIz  80386  Processor 
12CMB  Fixed  Disk  Drive  4405-502 
1.44MB  Diskette  Drive 
2MB  RAM 

VGA,  Serial,  Parallel,  Mouse,  Ports 
lOl-k^  Ke^x>ard 

3  Available  Slots  for  Opticxis 

4405  T25E  TEMPEST  PS/2  Model  70  with: 

System  2 

25MHz  80386  Processor 
TEMPEST  PS/2  Portable  Disk  Drive 
4407  T  and  Adapter 
PS/2  115MB  Portable  Disk  Drive 
Module  4407  TOl 
1.44MB  Diskette  Drive 
2MB  RAM 

VGA,  Serial,  Parallel,  Mouse,  Ports 
101-key  Kei4x>ard 
2  Available  Slots  for  Options 

4405  T25E  TEMPEST  PS/2  Model  70  with: 

System  3 

25MHz  80386  Processor 
TEMPEST  PS/2  Portable  Disk  Drive 
4407  T  and  Adapter 
PS/2  314MB  Portable  Di^  Drive 
Module  4407  T02 
1.44MB  Diskette  Drive 
2MB  RAM 

VGA,  Serial,  Parallel,  Mouse,  Ports 
101-key  Ke^soard 
2  Available  Slots  for  Options 

Additional  Options: 

4406-T01  TEMPEST  PS/2  12”  VGA  Color  Display  (llOV) 

4406^2  TEMPEST  ES/2  12"  VGA  Color  Di^lay  (220V) 

4409-T01  TEMPEST  PS/2  16”  Color  Di^lay  (llOV) 
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Description 

(Continued)  4405 

4409-T02  TEMPEST  ES/2  16"  Color  Di^lay  (220V) 

4407-T01  R5/2  115MB  Portable  Disk  Drive  Module 

4407-T02  ES/2  314MB  Portable  Disk  Drive  Module 

4405-101  2MB  Memory  Module  for  T16E  or  T20E  System 
Board  or  Memory  Ejqiansiai  Adapter 

4405-106  2MB  Memory  Module  for  T25E  System  Board 

4405-102  85ns  Memory  Ejqjansicai  Ade^ter  (2-8MB) , 

2MB  Installed,  for  T16E,  T20E,  or  T25E 

4405-103  80387  Math  Coprocessor  for  T16E 

4405-104  80387  Math  Coprocessor  for  T20E 

4405-105  80387  Math  Coprocessor  for  T25E 

4405-201  3270  CcainectiOTi  Adapter 

4405-202  Multi-Protocol  Adapter 

4405-203  IBM  16/4MB  Token  Ring  IAN  Adapter 

4405-204  3CCM  EtherLINiVMC  Ethernet  Adapter 

4405-205  ISrjgermaiVBass  Ethernet  Adapter 

4405-206  RS-530  Adc^ter 

4405-207  Y  Cable,  RS-530  Standard  Interface 

4405-209  8514/A  Adapter 

4405-301  PS/2  Mouse 

4405-302  l^stem  Unit  Floorstand 
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Equipment  Category 


Scanner 


Products  Containing  Confirmed  Deficiencies 

Manufacturer  Model 

City,  State  MUmber 

Description 


Candes  Systems  Incorporated  895T-XX 

Harleysville,  PA 

Hie  895T-XX  is  a  TEMPEST  version  of  the  i^le  A9M0337 
Desk-tc^,  Digital  black  and  \diite  scanner  using  a 
Charged  Coi5)led  Device  (CCD)  scanning  device,  accepting 
documents  to  a  maximum  size  of  8.5”  x  14”  and  cperating 
at  scan  times  of  5ms,  8ms,  and  16ms  in  the  black  and 
vhite  mode,  half-tone  mode,  and  mixed  mode  respectively. 

(jonfigured  Options: 

Basic  Unit/ 

Model  No.  Included  Cations 

895T-01  CA-01  36”  TEMPEST  peripheral  SCSI 

Cable  (25  pin  D) 

TE-01  TEMPEST  SCSI  Terminator 
895T-02  CA-06  36”  TEMPEST  Peripheral  SCSI 

Cable  (37  pin  D) 

TE-01  TEMPEST  SCSI  Terminator 
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Products  With  Suspended  Endorsement  Pending 
Product  Endorsement  Termination  and  l^ipeal 

Manufacturer  Model 

City,  State  MUniber 

Description 
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January  1992  Endorsed  TEMPEST  Products  List 
Section  V 

Products  Whose  Endorsement  Has  Been  Terminated  Because  of 
niMcesolved  Deficiencies  or  Fedlure  to  comply  with  ETPP  Procedures 

Equipnent  Category  Manufacturer  Model 

City,  State  Number 

Description 


Tendjvd/Workstaticxri 


Tektronix,  Incorporated  4230T/4330T 

Beaverton,  CSl 

The  4230T/4330T  is  a  hi^  performance  color  3D  grajiiics 
ti=»rmina1  and  workstation  family  of  products.  Ihese 
4230T/4330T  products  have  a  hi^  bri^tness  (me^-less)  19” 
monitor  with  1280  x  1024  resolution.  Graphics, 
ccraraunication  and  conputing  <^tions  ejpand  the  family 
capability.  The  4230T  terminal  sipports  PIDT-IO  graphics, 
has  4  bit  planes  standard  and  provides  16  colors  from  a 
peilette  of  over  16  million.  It  has  over  2MB  standard 
graphics  memory  available  to  the  user.  The  4330T  GrapMcs 
Wbrkstation  adds  ocmputer  capability  to  the  4230T  family.  It 
supports  Ut^  (Tektronix  BSD-based  UNIX) ,  NFS,  X  windows, 
PC-XT  emulation,  with  4MB  PAM  standard.  It  has  a  standard 
156MB  hard  disk  and  1.2MB  flexible  disk.  The  4330T  has  SCSI 
ports  (for  removable  or  additional  mass  storage) .  The 
4230T/4330T  have  RS232C  and  Centronix  ports  and  vr220 
ooffiopatible  ke^xjard.  Throu^  TEMPEST  technology 
breakthrou^,  the  products  have  no  wire  medi  on  the  monitor 
and  the  cabinetry  closely  matches  the  ccanmercicil 
counterparts. 


Model 

4230T 


4330T 
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Basic  Iftiit  w/  Included  Options  Part  Number 

Color  Monitor  1024x1280 

119-2451 

Ke^x»ard  VT200 

119-2468 

Grcphics  Control  Processor 

670-9613 

IWB  W/  2MB  RAM 

Picture  Processor  FWB 

670-9608 

Frame  Buffer  FWB  w/  4  Bit 

670-9611 

Planes 

One  Chassis 

670-9606 

Color  Monitor  1024x1280 

119-2451 

Keyboard  VKOO 

119-2468 

Graphics  Control  I>rocessor 

670-9613 

FWB  W/  2MB  RAM 

Picture  Ftocessor  FWB 

670-9608 

Frame  Buffer  FWB  w/  4  Bit 

670-9611 

Planes 

TWO  Chassis 

670-9606 

Ccmpute  Engine  FWB  w/  4MB 

671-0074 
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Eqiiipment  Category 


Manufacturer 

Model 

City,  State 
Description 

number 

(Continued) 

4230T/4330T 

RftM 

Mouse 

119-1808 

150©  Hard  Disk  Drive 

119-2437 

1.2MB  Flexible  Di^  Drive 

119-2400 

w/  ^ 

Gtc^ihics  Display  S/W 
Flexible  Dndc 

650-2013 

Both  4230T  and  4330T  Models  Available  in  Configurations: 

35 

Basic  Iftiit  w/  Additional 

4  Bit  Planes  (for  a  total 
of  8  bit  planes) 

670-9610 

36 

Basic  Iftiit  w/  Additional  4 

670-0610 

Bit  Planes  (for  a  total  of 

8  bit  planes)  and  Add 
Z-Buffer 

670-9614 

37 

Basic  Unit  w/  AdditicMTcil  8 

670-9609 

Bit  Planes  (for  a  total  of 

670-9614 

12  bit  planes)  and  Add 

670-9615 

Z-Buffer 

671-0286 

38 

Bcisic  Unit  w/  Additional  4 

670-9610 

Bit  Planes  (for  a  total  of 

670-9614 

8  bit  planes) ,  Double 

671-0154 

Buffered,  and  Add  Z-Buffer 

671-0286 

39 

Basic  Unit  w/  Additicaial  8 

(2)670-9609 

Bit  Planes  (for  a  total  of 

670-9614 

12  bit  planes) ,  Double 

670-9615 

Buffered,  or  24  True  Color, 
and  Add  Z-Buffer 

671-0286 

Additional  Options  Available  on  Ar^  4230T 

Configured  Model: 

10 

Interactive  CMA  FWB  w/ 

670-9617 

MicroVax  Connecticai 

670-9710 

670-9762 

650-2053 

14 

Interactive  EMA  IWB  w/  4301 

670-9617 

Connection 

670- 9762 

671- 0223 
671-0312 

■m 

Mouse 

119-1808 

Additional  Options  Available  cai  any  4330T 

Configured  Model: 

lA 

Floating  Point  Accelerator 

671-0224 

1C 

Add  8MB  Memory 

671-0222 

12 

Streamer  Tape 

062-9234 

119-2460 

13 

Removable  Bard  Disk 

710-5103 
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Eguipnent  category 


Model 

Mtniber 


Manufacturer 
City,  State 
Description 

(Continued)  4230T/4330T 


17 

30QMB  Hard  Disk 

119-3123 

3A 

Dual  ES232  CMA 

671-0310 

3F 

Interactive  EMA 

671-0312 

3G 

Local  Bus  Ad^>t 

671-0223 

Tl* 

External  Mass  Storage  Unit 

062-9320 

w/  156MB  Disk 

119-2437 

T2* 

External  Mass  Storage  IMit 

062-9320 

w/  300  MB  Disk 

119-3123 

T3* 

External  Ifess  Storage  Unit 

062-9320 

w/  two  30(^  Disks  (for  a 
total  of  60(»ffi) 

(2)119-3123 

T4 

Renewable  Externcil  I&ss 
Storage  Iftiit  (applies  to 

Tl,  T2,  T3) 

367-0389 

*  Only  one  of  these  optiois  is  orderable  with  the  4330T. 

Additic»icil  Options  Available  on  both  4230T  and  4330T 

Configured  Models: 

20 

Additicaial  16MB  Display  List 
Memory 

670-9612 

41 

Additional  Chassis 

670-9606 

TD 

Valuator  Dials 

119-2483 

670-9616 

TF  Fiber  Optic  IAN  119-3463 

El-E-9,  SO  Service,  Software  N/A 

Subscription,  Installation 
TERMm&XED:  04/01/91 
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Equipment  Category 


Printer,  Laser 


January  1992  Endorsed  TEMPEST  Products  List 
Section  VI 

Products  Which  3lre  No  Longer  Being  Produced 

Manufacturer  Model 

city.  State  Number 

Descudption 


Hewlett-Pacikard  Conpany  33449X-T 

Palo  Alto,  CA 

■me  33449A-T/B-T  LaserJet  Series  III  is  a  general 
purpose  laser  printer  for  perscaial  conputer  and 
workstation  hardcopy  output.  Each  printer  includes  3MB 
RAM,  Centronics  parallel  and  RS-232-C/RS-422-A  Serial 
interfaces,  letter  size  paper  input  tray  and 
cpprcpriate  power  cord.  The  standard  printer  features 
a  print  speed  of  rp  to  8  pages  per  minute  and  a  300 
dots-per-inch  text  and  graphics  resolution. 

33449A-T  TEMPEST  LaserJet  III,  60  Hz/120  VAC 
33449B-T  TEMPEST  LaserJet  III,  50  Hz/240  VAC 

The  following  accessories  are  available  to  enhance  the 
printer's  functionality  thou^  esqjanded  memory  and  font 
capabilities.  1  or  2MB  memory  boards  can  be  installed 
in  the  available  two  menory  slots,  for  i^)  to  a  totcil  of 
a©  RAM.  Printer  will  not  c^jerate  without  two  font 
cartridges. 


Fart  Ccu±ridges:  (Must  order  two) 


C2335A-T 


Font,  Operational  (Dumroy  Font  for 
operation  only) 


C2335A-T  #C01 

Font 

C2335A-T  #C02 

Font 

C2335A-T  #C03 

Font 

C2335A-T  #C04 

Font 

C2335A-T  #C05 

Font 

C2335A-T  #C06 

Font 

C2335A-T  #C07 

Font 

C2335A-T  #C08 

Font 

92286PC-T 

Font 

C2055A-T  #C01 

Font 

Word  Perfect 
Microsoft 

Policed  Work^eets 
Persuasive  Presentations 
Forms  Etc. 

Bar  Codes  &  More 
Text  Equations 
Global  Text 
Pro  Collection 
Great  Start 


Memory: 

33474B 

33475B 

Interface  Cables: 


1MB  Memory  Add-on 
2MB  Memory  Add-on 
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(Continued)  33449X-T 

C2327Z-T  Special  Centronics  parallel  cable, 

2.0  meter.  (25  pin  to  25  pin) 
46201'IA-T  Special  RS-232  serial  cable,  4.5 

meter.  (9  pin  to  25  pin,  sub-D 
male  DTE) 

DROSEED  DATE:  04/01/91 

Workstation  Hewlett-Padkard  Conpar^  98588G-T 

Palo  Alto,  CA 

Ihe  98588G-T  is  a  TEMPEST  HP  9000  Model  370  engineering 
Wor]^tatic»i.  Each  TEMPEST  workstation  includes  a 
shielded  cabinet  (A150QA--T) ,  HP-UX  License-to-Use 
(98594L)  and  an  HP  9000  Model  370  SHJ  (98579B)  eqi^pped 
with  a  33  MHz  68030  processor,  33  MHz  68882  Floating  Point 
Coprocessor,  8MB  parity-checking  RAM,  4Gb  virtual  memory 
address  space,  32-bit  system  bus,  32-bit  DIO  bus,  and 
system  interface  board  (with  IEEE-4888  HP-IB  interface, 
RS-232  sericd.  interface,  i  802.3/Ethemet  IAN  interface, 
IEEE-488  hi^-speed  HP-IB  dii^  interface,  two-channel  DMA 
ccaitroller  and  HPHEHL  interface) .  For  a  minimum  system 
ccaifiguraticHi,  option  001,  2D  Color  Graphics  Subsyston 
must  be  ordered.  Ihe  appropriate  localization  option 
must  also  be  ordered  to  determine  120  or  240VAC  power 
(Refer  to  HP  TEMPEST  98588G-T  Workstation  Configuration 
Guide) . 

98588G-T  TEMPEST  HP  9000  Model  370  Workstation 
A1500A-T  Cabinet 

98579B  Model  370  SFU 

98594L  HP-UX  License  to  Use 

Cpti<»i  001  2D  Color  Gr^Jhics  Subsystem 
A1509A-T  HP-HIL  Module 

98550A  Hi^  Resoluticffi  Color  Grajhics 

Board  with  RGB  Cable 
98754A-T  19"  Hi^  Resolution  Color 

Monitor  with  RGB  Connector 
A1510A-T  HP-HIL  3-button  Mouse 

46021A-T  Ke;^3oard 

46084A  HP-HEL  ID  Module 

Opti(mis  100  throu^  303  are  available  to  configure  the 
98588G-T  beyond  the  minimum  system  described  above. 

(Refer  to  HP  TEMPEST  98588G-T  Workstation  Configuration 
Guide) . 

Optical  100  Add  DIO-II  Ejpander  (98570A) 

Option  101  Add  Floating  Point  Acxselerator  (98248B  with 
Option  004) 
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Workstation 


Manufacturer 
City,  State 
Description 

(CCMTtinued)  98588G-T 

Cpticm  102  OCHwerts  8MB  RAM  to  16MB  RAM  (98579B  Option 
116) 

Optical  103  Substitute  8MB  ECO  RAM  for  8MB  parity  RAM 
(98579B  Optical  208) 

Optical  104  Substitute  16MB  ECO  RAM  for  8MB  Parity  RAM 
(98579B  Optical  216) 

Optical  105  Add  8MB  EOC  RAM  (98264A  with  Option  004) 

Option  106  Add  IQffi  EOC  RAM  (98264B  with  Optical  004) 
Optical  107  Add  4MB  parity  RAM  Controller  (98258A  with 
Optical  004) 

Optical  108  Add  4MB  parity  RAM  add-on,  plugs  into  98258A 
(98258B) 

Optical  109  Add  12MB  parity  RAM  add-on,  plugs  into 
98258A  (98258C) 

Optical  110  Add  3-slot  Bus  Connector  (98562-66503) 

Option  111  Add  4-slot  Bus  Connector  (98562-66504) 

Option  112  Add  4-cliannel  asynchronous  Multiplexer 
(98642A) 

Optical  200  Add  152MB  Fixed  Disk  Drive  (7962B) 

Optical  201  Add  304MB  Fixed  Disk  Drive  (7963B) 

Option  203  Add  Additicaial  152MB  Fixed  Mechanism  for 
7962/63B  with  Ccaitroller  (97962B) 

Optical  204  Add  AcJditioncil  304MB  Fixed  Mechanism  for 
7962/63B  with  Controller  (97963B) 

Optical  205  Add  152MB  Removable  Disk  Drive  (9262B) 

Optical  206  Add  304MB  Removable  Disk  Drive  (9263B) 

Optical  207  Acad  Addticaial  152MB  Removable  Mechanism  for 
9262/63B  with  Controller  (97902B) 

Optical  208  Add  Ac3ditional  152MB  Removable  Mechanism  for 

9262/63B  without  Ccaitroller  (97902B  Oj^ion  D03) 
Optical  209  Acid  Additional  304MB  Removable  Mechanism  for 
9262/63B  with  Controller  (97903B) 

Optical  210  Acad  Acacaitional  304MB  Removable  Mechanism  for 
9262/63B  without  Controller  (97903B  Option 
D03) 

Option  212  Acad  Internal  Cartricage  Tape  Drive  (9144A) 
Optical  302  Add  2-Channel  Wire  RS-232  Mbdule  (A1505A-T) 
Option  303  Acad  Fiber  Optic  IEEE  802.3  Ian  Module 
(A1507A-T) 

DROPPED  DATE:  OA/01/91 

Martin  Iferietta  Corporaticai  AN/TYQ-37 

Denver,  00 

Ihe  AN/TyQ-37  is  a  portable,  general  purpose  graphics 
cxatputer  workstation  vAiich  has  been  ruggedized  for  use 
in  har^  military  environments.  The  workstation  has 
been  qualified  to  many  MIL-STD-810D  environments  and 
MIIrCTD-461B,  Part  4.  Each  workstation  is  equipped 
with  a  basic  prxxessor  unit  (850EA072000)  vhich 
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number 


Manufacturer 
City,  State 
Description 

(Continued)  AN/IYQ-37 

contains  a  Microvax  II  dU,  IS©  of  RAM,  one  or  more 
Winchester  tedinology  removable  hard  dii^,  two  hi^ 
resolution  video  graphics  engines,  16  serial  I/O  ports, 
and  a  dual  redundant  ducil  ring  fiber  cptic  IAN 
transceiver  vAiich  runs  at  4(»1B  per  second.  Each 
workstation  is  equipped  with  a  mouse,  ke^xiard, 
printer,  and  two  hi^  resolutiai  color  graphics 
monitors.  The  color  mcxiitors  (850EA076000)  are 
equipped  with  a  thin  film  shield  vhich  does  not  degrade 
resoluticxi.  The  workstation  may  be  ccaifigured  with  one 
to  three  380MB  or  76GMB  Winchester  technology, 
removable  disk  drives. 

Model  No.  Basic  Uhit  with  Included  Options 

AN/r7Q-37(Vl)  Single  380MB  Disk 

AN/TYQ-37(V2)  Dual  38(»1B  Disks 

AN/IYQ-37(V3)  One  38(MB  Disk  and  one  76(»IB  Disk 

DROPPED  DATE:  07/01/91 

Workstation  Sun  Microsystems  Federal,  Inc.  3/260  T-E 

Fremcsit,  CA 

The  Sun  3/260T-E  is  a  family  of  hi^-^)erformanoe, 
general  purpose  deskside  cxmputer  workstaticais  or 
file  servers  designed  for  broad  ^plicaticxi  in  such 
diverse  areas  as  conputer  aided  engineering, 
application  and  program  development,  publishing 
applicaticais,  etc.  The  Sun  3/260T-E  achieves  4  MIES 
performance  in  an  open  system  architecture  vhich  takes 
full  advantage  of  industry  standards  and  networks.  Ihe 
Sun  3/260T-E  consists  of  a  twelve  slot  VME  card  cage 
embedded  in  a  Hi^-Utility,  LowKOst  Cabinet  (HUICC) 
vhich  meets  all  requirements  of  NACSIM  510QA.  Each 
workstatic»i  is  equipped  with  a  Sun  CEU  Board  vhich 
includes  a  25  MHz  68020  dU,  a  20  MHz  68881 
floating-point  coprocessor,  a  64kB  cache,  an  8MB  main 
memory,  an  Ethernet  controller,  and  two  RS-423  ports. 
Ihe  3/260T-E  may  eilso  be  configured  with  vp  to  two 
removable  327MB  ESDI  hard  disk  drives,  i;?)  to  two  280MB 
SMD  hard  disk  drives  in  a  s^arate  HDICC  esqansion 
cabinet,  1.2MB  flexible  disk  drive,  60MB  tape,  and 
to  32MB  of  total  ECC  memory.  Hie  workstations  and 
file  servers  operate  under  the  Sun  OS  converged  UNIX 
operating  system  and  support  multiple  prograirming 
languages  and  ccmmunications  protocols. 

Model  Nos. 

3/260ST-E  Hie  basic  ccaifiguraticai  consisting  of  a 
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Equipnent  Category 


Model 

MUniber 


Manufacturer 
state 

Description 

(Continued)  3/260  T-E 

Sun  CPU  board,  a  25  MHz  68020  CPU,  a  20  MHz 
68881  floating-point  coprocessor,  a  64kB  cache, 
an  main  memory,  an  Ethernet  controller, 
and  two  RS-423  ports.  Ihis  configuration 
must  be  procured  with  the  T-455E  Fibercom 
Fiber  Optic  Ethernet  Interface  Board. 

3/260Cr-E  the  basic  ccaifiguraticai  plus  a  te^aoard, 

a  mouse,  and  an  1152  x  900  color  monitor.  This 
conf iguraticai  must  also  be  procured  with  the 
T-455E  Fibercom  Fiber  Cptic  Ethernet  Interface 


Additional  Cpticais  Available  chi  All  Models: 

T-108E  8MB  EOC  Memory  EJ5)ansicHi  Board  (Max.  of  3) 
'IV-212E  GP2  (Enhanced  Graphics  Processor)  Board 

T-455E  Fiberocm  Fiber  Optic  Ethernet  Interface 
Board 

TR-506E  Raraovable  327MB  (formatted)  ESDI  Bard  Disk 
Drive 

TR-510E  Removable  Dual  327MB  (formatted)  ESDI  Hard 
Disk  Drives 

TR-510E/2  Individually  Removable  327MB  Drives 
TR-516E  Removable  327MB  Hard  Disk  and  Fised  60MB 
1/4"  Tape  Drive  with  Controllers 
TR-517E  Removable  Dual  327MB  Hard  Di^  and  Fixed 
OOMB  1/4"  Tape  Drive  with  Controllers 
T-650E  60MB  1/4"  Cartridge  Tape  Drive  with 

CcHitroller 

OE-15M  15  Meter  Fiber  Optic  Cable 

OC-50M  50  Meter  Fiber  Optic  Cable 

OE-IOOM  100  Meter  Fiber  Cptic  Cable 
DROPPED  DATE:  0A/01/9X 

Workstation  Sun  Microsystems  Federal,  Inc.  4/260  T-E 

Fremont,  CA 

Uie  Sun  4/260T-E  is  a  family  of  hi^-performance, 
siperccHtputing  deskside  workstations  or  file  servers 
designed  for  broad  application  in  such  diverse  areas  as 
cxxrputer  aided  engineering,  application  and  program 
develcpment,  publishing  applications,  etc.  Ihe  Sun 
4/260T-E  achieves  10  MIPS  performance  in  an  open  system 
architecture  which  takes  full  advantage  of  industry 
standards  and  networks.  The  Sun  4/260T-E  consists  of  a 
twelve  slot  VME  card  cage  enibedded  in  a  Hi^-Utility, 
Low-Cost  Cabinet  (HULOC)  vhich  meets  all  requirements 
of  NACSIM  5100A.  Each  workstaticHi  is  equipped  with  a 
Sun  CEU  board  vhich  includes  an  Ethernet  controller,  a 
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Equipment  Categoxy  Msmufacturer  Model 

City,  State  MUniber 

Descriptian 

(Continued)  4/260  T-E 

video  ocaitroller,  and  two  KS-423  ports.  The  4/260T-E  may 
also  be  cxaifigured  with  to  two  removable  327MB  ESDI 
hard  disk  drives,  vp  to  two  28(»1B  SMD  hard  disk  drives 
in  a  s^arate  HULOC  e)q>ansic»i  cabinet,  1.2MB  flexible 
disk  drive,  60MB  tcqa,  and  tp  to  128MB  of  tot^LL  EOC 
memory.  The  workstation  and  file  server  operate  imder 
the  Sun  OS  ocxiverged  UNIX  operating  system  and  si;^]ports 
multiple  programning  languages  and  oonnunicatiois 
protocols. 

Model  Nos. 

4/260ST-E  The  basic  configuraticn  consisting  of  a 

Sun  CEU  board,  an  Ethernet  ccntroller,  a  video 
controller,  and  two  RS-423  ports.  This 
configuraticn  must  be  procured  with  a 
T-455E  Fiberoom  Fiber  Optic  Ethernet 
Interface  Beard. 

4/260cr-E  The  basic  configuraticn  plus  a  ke^xard, 
a  mouse,  and  eui  1152  x  900  color  monitor. 

This  cxnfiguraticn  inast  eilso  be  procured 
with  a  T-455E  Fiberoom  Fiber  Optic 
Ethernet  Interface  Board. 

Additicnal  Cpticns  Available  cn  All  Models: 

T108-E  SMB  EOC  Memory  Ibqansicn  Beard  (maximum  of 

3) 

T-212E  GP2  (Enhanced  Oaphics  Processor)  Beard 

T-455E  Fiberoom  Fiber  Cptic  Ethernet  Interface 

Beard 

TR-506E  Removable  327MB  (formatted)  ESDI  Hard 

Disk  Drive 

TR--510E  Removable  Dual  327MB  (formatted)  ESDI 

Hard  Disk  Drives 

111-5101/2  Individually  Removable  327MB  Drives 

TR-516E  Removable  327MB  Hard  Di^  and  Fixed  6(»1B 

1/4"  Tape  Drive  with  Ocntrollers 
TR-517E  Removable  Dual  327MB  Hard  Disk  and  Fixed 

60MB  1/4"  Tepe  Drive  with  Controllers 
T-650E  6QMB  1/4"  Cartridge  Tape  Drive  with 

Ocntroller 

OE-iai  15  Meter  Fiber  Cptic  Cable 

OE-5(M  50  Meter  Fiber  Optic  cable 

OE-IOCM  100  Meter  Fiber  Cptic  Cable 

DROSEED  DATE:  04/01/91 
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INTRODUCTION  TO 

THE  ENDORSED  TEMPEST  TEST  SERVICES  LIST 

The  National  Security  Agency  (NSA)  Endorsed  TEMPEST  Test 
Services  List  (ETTSL)  is  a  list  of  commercial  TEMPEST  test 
services  facilities  which  NSA  has  endorsed  under  the  auspices 
of  the  NSA  Endorsed  TEMPEST  Test  Services  Program  (ETTSP) , 
for  use  by  U.S.  Government  departments  and  agencies,  U.S. 
Government  contractors,  and  eligible  U.S.  TEMPEST  product 
manufacturers  to  conduct  TEMPEST  testing  related  to  the 
development  and  production  of  TEMPEST  products.  NSA 
endorsement  of  a  TEMPEST  test  services  facility  is  a 
statement  that  the  facility  complies  with  the  technical, 
security,  personnel,  equipment,  and  operational  requirements 
specified  in  the  ETTSP  Technical  and  Security  Requirements 
Document  (TSRD) . 

NSA  endorsement  and  placement  of  a  facility  on  the  ETTSL 
occurs  when  the  Company  demonstrates  it  operates  test 
services  facilities  with  the  requisite  personnel,  test 
equipment  inventory,  calibration  and  maintenance  requirements 
delineated  in  the  TSRD. 

NSA  does  not  make,  by  virtue  of  its  endorsement,  any 
warranty  or  representation  regarding  the  quality  of  services 
provided  by  the  endorsed  facility. 

The  ETTSP  is  an  adjunct  to  the  U.S.  Government  TEMPEST 
Certification  Program  (TCP)  which  is  responsible  for  the 
certification  of  TEMPEST  professionals. 

Companies  desiring  information  concerning  the  process 
and  requirements  for  obtaining  NSA  endorsement  of  a  TEMPEST 
test  services  facility  under  the  auspices  of  the  ETTSP  should 
contact : 


Director,  NSA 
National  Security  Agency 
ATTN:  X5 12/TEMPEST 

Fort  George  G.  Meade,  MD  20755-6000 
SCHEDULE  OF  SUBMISSIONS  FOR  ETTSL  LISTING 

The  ETTSL  is  updated  four  times  yearly  (January,  April, 
July,  and  October) .  Only  the  current  issue  should  be  used. 

In  order  to  coordinate  all  the  chapters  in  the  Information 
Systems  Security  Products  and  Services  Catalogue  (ISSPSC) 
with  the  various  organizations  who  publish  them,  and  in  order 
for  the  timely  printing  and  subscription  distribution  from 
the  Government  Printing  Office  of  the  ISSPSC,  the  Office  of 


Page  7-1 


Acquisition  Support  and  Business  Development  requests  that 
all  Chapters  of  the  ISSPSC  be  delivered  one  month  prior  to 
the  quarterly  printing  month.  As  a  result,  all  documentation 
for  the  next  quarterly  printing  of  the  ETTSL  must  be 
delivered  to  the  Endorsed  TEMPEST  Test  Services  Program 
Management  Office  (PMO)  two  months  prior  to  the  quarterly 
publication  month.  The  following  is  the  schedule  of 
submissions  for  the  ETTSL: 


ETTSP  COMPANIES  MUST 
HAVE  DOCUMENTATION 
TO  PMO  BY: 


PMO  MUST  DELIVER 
FINAL  ETTSL 
FOR  ISSPSC  BY: 


CATALOGUE 

PUBLISHING 

MONTH: 


1  November 
1  February 
1  May 
1  August 


1  December 
1  March 
1  June 
1  September 


OUTLINE  OF  SECTIONS 


January 

April 

July 

October 


The  ETTSL  consists  of  three  sections: 


a.  White  Pages  (Section  I) :  An  alphabetical 
listing,  delineating  the  names,  addresses,  phone  numbers,  and 
company  point  of  contact  (POC)  of  each  endorsed  TEMPEST  test 
services  facility. 


b.  Blue  Pages  (Section  II) :  A  list  of  test 
services  facilities  with  suspended  endorsement,  pending 
facility  endorsement  termination  and  appeal.  Upon  endorsement 
suspension,  the  company  operating  the  facility  may  not 
advertise  its  services  as  NSA  endorsed,  take  any  new  orders 
for  TEMPEST  test  services,  or  perform  TEMPEST  test  services 
pursuant  to  the  ETTSP  authorization.  The  facility  remains  in 
Section  II  pending  facility  endorsement  termination  and 
appeal . 


c.  Red  Pages  (Section  III) :  A  list  of  facilities 
whose  endorsement  has  been  terminated  because  of  failure  to 
comply  with  ETTSP  procedures  and  requirements.  Once  listed 
in  this  section  the  facility  shall  remain  here  for  one  year, 
after  which  it  will  be  deleted  from  the  ETTSL. 
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JANUARY  1992  ETTSL  ANNOUNCEMENTS 


a.  The  Electronic  Bulletin  Board  System  (EBBS)  formerly 
used  by  the  TEMPEST  Endorsement  Program  Office  for 
communications  between  this  office  and  vendors  has  been 
discontinued.  Any  future  communications  will  be  conducted  in 
writing  or  by  telephone.  Consult  the  address  listed  above  in 
Paragraph  5. 

b.  TEMPEST  Technologies,  Inc.  Test  Service  has  been 
voluntarily  terminated  by  the  company. 
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Januzu^  1992  Endorsed  TEMPEST  Test  Services  List 

Section  I 


Advanced  Measurement  Systems  Div. 
ATIN:  Antonio  Cardenas 
703-641-1533 
8550  Arlington  Blvd. 

Fairfax,  VA  22031 


Alliant  Techsystems,  Inc. 
ATIN:  Richard  H.  Newccstib 
201-542-1400 
P.  0.  Box  54 
Eatontown,  NT  07724 


ARC  Professional  Services  Grov:?), 
Inc. 

ATIN:  Richard  Neuens 
703-642-4292 
5390  Cherokee  Avenue 
Alexandria,  VA  22312 


Choraerics,  Incorporated 
ATIN:  Anthony  Genova 
617-935-4850  363 
P.  O.  Box  2436 
Wc^Durn,  MA  01888 


Cryptek  Secure  Communications,  Inc. 
Div  of  General  Kinetics,  Inc. 

ATIN:  Neel  J.  Price 
703-478-7140 
P.  O.  Box  365 
Herndon,  VA  22070 


Datasec  Corporation 
ATTN:  Judy  Figlioli 
603-954-9700 
P.  O.  Box  790 
Wilton,  NH  03086 


Alliant  Techsystems,  Inc. 
ATIN:  James  H.  Hall 
301-266-1785 
P.  O.  Box  391 
Annapolis,  MD  21404 


Alliant  Techsystems,  Inc. 

ATIN:  Michael  R.  FfcHale 

512-647-8231 

P.  O.  Box  380808 

San  Antonio,  TX  78280 


ARC  Professional  Services  Groi:p, 
Inc. 

ATTN:  James  O.  Dickinson,  Jr. 
408-737-2566 
1231  Midas  Way 
Sunnyvale,  CA  94086 


Comseardh  i^lied  Technology,  Inc. 
A  Subsidiary  of  Secure  Systems  Grp. 
ATTN:  Robert  K.  Lyons 
703-620-6300 

11720  Sunrise  Valley  Drive 
Reston,  VA  22091 


Dataproducts  New  England,  Inc. 
ATTN:  Marilyn  Marek 
203-265-7151  224 
P.  O.  Box  30 
Wallingford,  CT  06492 


Datawatch  Corporation 
ATTN:  Alan  MacDougall 
617-932-0550 
P.  O.  Box  847 
Wilmington,  MA  01887 
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Daytxsn  T.  Brcwn,  Inc. 
ATIN:  Frank  Ertmian 
516-589-6300  363 
555  ClMirch  Street 
Bohemia,  NY  11716 


Digital  Equipment  Corporation 
ATIN:  Ifario  Martinello 
603-884-4375 
Mail  Step  MK02-1/K6 
Digital  Way,  P.O.  Box  9501 
Merrimack,  NH  03054-0430 


Hetra  Computer  &  Communications 
Industries,  Inc. 

ATIN:  Dan  Wonak 
407-589-7331  214 
P.  O.  Box  9000 
Sebastian,  FL  32958 


International  Technology  Corp. 
ATIN:  David  J.  Bloch 
703-749-1200 
P.  O.  Box  6250 
Mclean,  VA  22106-6250 


IDEAL  Western  Develcpraent  Labs 
Strategic  Systens  Operation 
ATIN:  Donald  Blair 
301-796-1747 

7170  Standard  Drive,  Mailstop  3E 
Hanover,  MD  21076 


Mitek  Systems,  Inc. 
Eastern  Operations 
ATIN:  Karl  Sanders 
703-318-7030 
P.  O.  Box  28 
Sterling,  VA  22170 


Delta  Data  Systems  Corp. 
ATIN;  Robert  Mellott 
301-290-6400  234 
7175  Columbia  Gateway  Drive 
Columbia,  MD  21046 


Digital  Equipmient  Corporation 
Attn:  Bruce  Archaitibeault 
603-884-4759 
P.  O.  Box  1534 
Salem,  NH  03079 


Hu^es  Aircraft  Comparer 
Ground  Systems  Grotp 
Attn:  Charles  K.  Jackson 
714-732-7005 
P.  O.  Box  3310 
Fullerton,  CA  92634 


Iverson  Computer  Services,  Inc. 

ATIN:  Ivan  Feo 

813-535-8856 

4825  140th  Avenue  North 

Suite  K  Surplex  Center 

Clearwater,  FL  34622 


Mitek  Systems,  Inc. 
ATIN:  Glenn  Ritzmann 
619-587-9157 
P.  O.  Box  261004 
6225  Nancy  Ridge  Drive 
San  Diego,  CA  92121 


Motorola,  Inc. 

Government  Electronics  Grp.  Str. 
ATIN:  Dwayne  Awerkaiip 
602-441-3138 
2501  South  Price  Road 
Chandler,  AZ  85248 
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North  Atlantic  Industries,  Inc. 
A!nN;  Arthur  Freilich 
516-582-6500  251 
60  Plant  Avenue 
Hai:{pauge,  NY  11788-3890 


Rubicom  Systems,  Inc. 
ATIN:  Jos^di  G.  Barbee 
407-951-1710 
P.  O.  Box  22780 
Melbourne,  FL  32902-2780 


Security  Oomms.  of  America,  Inc. 
ATIN:  Alice  Gould 
203-269-1883 
P.  O.  Box  4245 
Ycilesville  Station 
Wallingford,  CT  06492 


Southwest  Research  Institute 

ATIN:  William  H.  McGinnis 

512-522-2721 

P.O.  Box  28255 

San  Antonio,  TX  78228-0255 


TFW/Space  and  Technology  Grxx?) 

ATIN:  Ruben  Bergay 

310-813-5164 

MS  M2/2164 

One  S^ce  Park 

Redondo  Be^ch,  CA  90278 


Wang  laboratories,  Inc. 

ATIN:  Deal  Gangemi 

508-967-4093 

H/S  013-A2A 

One  Industricil  Avenue 

lowell,  MA  01851 


Radiation  Sciences,  Inc. 
ATIN:  Chester  B.  Rosiorek 
215-256-4133 
3131  Detweiler  Road 
Harleysville,  PA  19428 


Science  l^lications  Inti.  Corp. 

ATIN:  James  Owen 

619-259-4944 

11696  Sorrento  Vcilley  Road 
San  Diego,  CA  92121 


SEA,  Inc. 

ATIN:  P.  J.  Mondin 
301-925-9400 
1401  MoOormick  Drive 
landover,  MD  20785-5396 


Telecine  Lewisburg 

ATIN:  Iheodore  W.  Dugan,  Jr. 

615-359-4531  1287 

P.  O.  Box  326 

Lewisburg,  IN  37091 


Ikiisys  Corporation 
Federal  Information  Systems 
ATIN:  E.  Harry  Carlson 
801-594-6197 
P.  O.  Box  16225 

Salt  Lake  City,  UT  84116-0225 


Zenitiyinteq,  Inc. 

ATIN:  Steven  G.  Ferguson 
703-471-1500 
13860  Redskin  Drive 
Herndon,  VA  22071 
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January  1992  Endorsed  TEMEEST  Test  Services  List 

Section  II 


Test  Services  Facilities  with  Suspended  Endorsement 
Fending  Facility  Endorsement  Termination  and  I^ppeed. 
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January  1992  Endorsed  TEMPEST  Test  Services  List 

Section  III 

Test  Services  Facilities  Whose  Endorsement  Hhs  Been  Terminated 
Because  of  Failure  to  Gcnply  with  FTTSP  Procedures  and  Requirements 
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Rev.  Date  -  12/3/91 


Index  for  the 
Degausser  Products  List 


Ampex  Corporation  . 

Applied  Magnetics  Lab . 

Bell  &  Howell  Company  . 

CMC  Technology  Corporation  . 

Computer  Link  Corporation  . 

Consolidated  Electrodynamics  . 

Constant  Data  Control  Corp . 

Data  Devices  International  . 

Data  Security,  Inc . 

Datatape  Incorporated  . 

Electro-Matic  Products  Co . 

Garner  Industries  . 

General  Kinetics  Incorporated  . 

Hewlett  Packard  Company  . 

Integra  Technologies  Corporation  .... 

IXI ,  Incorporated  . 

J.C.  Nickels,  Inc . 

KYBE  Corporation  . 

Precision  Methods  . 

Proton  Engineering,  Inc . 

Recoma ,  Inc . 

Rimage  Corporation  . 


8-2,  8-4 
8-5,  8-6 
8-2 
8-2 

8-2,  8-3,  8-4,  8-6 
8-2 
8-6 
8-2 
8-4 
8-3 
8-4 
8-4 
8-3 
8-3 

8-3,  8-4,  8-6 
8-3,  8-7 
8-6 
8-3 
8-6 
8-6 
8-6 


8i 


NATIONAL  SECURITY  AGENCY 
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1.  INTRODUCTION 


The  Degausser  Products  List  (DPL)  lists  the  model  identification  of  equipment  units 
that  were  evaluated  against  and  found  to  satisfy  the  requirements  for  erasure  of  magnetic 
media  that  hold  classified  data.  A  commercial  production  unit  of  each  model  of 
degausser  was  evaluated  against  Department  of  Defense  (DOD)  requirements  for  erasure 
of  classified  tapes  as  set  forth  in  DoD  Manual  5200. 28-M,  "Automated  Data  Processing 
Security",  revised  June  1979,  (now  under  revision).  The  Natipnal  Security  Agency/Central 
Security  Services  (NSA/CSS)  has  implemented  the  Manual’s  specification  in  NSA/CSS 
Specification  L14-4-A,  dated  31  October  1987.  Listing  of  a  product  on  the  DPL  does  not 
constitute  endorsement  of  the  product  by  the  Government  or  NSA,  it  merely  indicates  that 
the  unit  evaluated  has  met  all  applicable  degausser  requirements.  Moreover,  though 
listed  in  the  DPL,  products  must  be  periodically  tested  to  ensure  continued  compliance 
with  the  specification.  NSA/CSS  Specification  L14-4-A,  Section  5,  Degaussing  Level 
Performance  Test  Procedures,  gives  a  test  procedure  to  verify  continued  compliance  with 
the  specification. 

Magnetic  media  are  divided  into  types.  Type  I  products  are  used  to  degauss 
magnetic  media  whose  coercivity  is  no  greater  than  350  Oersteds  (Oe).  Type  11  products 
are  used  to  degauss  magnetic  media  whose  coercivity  is  no  greater  than  750  Oe. 
Coercivity  of  a  magnetic  media  defines  the  magnetic  field  necessary  to  reduce  a 
magnetically-saturated  material’s  magnetization  to  zero.  The  correct  use  of  degaussing 
products  will  ensure  that  classified  data  is  no  longer  retrievable.  NOTE:  IN  ADDITION 
TO  DEGAUSSING,  CERTAIN  ADMINISTRATIVE  PROCEDURES  MAY  BE  REQUIRED 
BEFORE  DEGAUSSED  MAGNETIC  MEDIA  MAY  BE  DECLASSIFIED.  CONSULT  YOUR 
SECURITY  OFFICER  OR  MANAGER  FOR  GUIDANCE  IN  THIS  REGARD. 

Recent  studies  have  shown  that  Type  I  and  11  labels  should  no  longer  be 
associated  with  discussions  involving  the  degaussing  of  floppy  disks  and  hard  disk 
magnetic  media.  Also  note  that  degaussers  are  ineffective  in  erasing  magneto-optic 
recording  media. 

Correct  use  of  these  equipments  is  necessary  to  ensure  inadvertent  disclosure  of 
classified  information  does  not  occur.  Accordingly,  users  having  operational  questions 
about  the  equipment  should  direct  their  questions  to  the  manufacturer.  Questions 
regarding  security  requirements  should  be  addressed  to  your  Security  Officer  or  manager. 

Companies  wishing  to  submit  a  product  to  the  evaluation  process  should  contact: 

National  Security  Agency 

ATTN:  LI 4  Degausser  Evaluation  Program 

9800  Savage  Road 

Ft.  George  G.  Meade,  MD  20755-6000 
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2.  DEGAUSSER  EQUIPMENT 

2.1  Type  I  Degaussers  -  These  degaussers  have  satisfied  the  requirements  to  degauss 
magnetic  tape  having  a  maximum  coercivity  of  350  Oersteds  (Oe).  See  the  applicable 
notes  at  the  end  of  section  2.  NOTE;  Adapters  may  be  necessary  for  degaussing  floppy 
diskettes  and  hard  disk  platters,  or  when  media  dimensions  are  smaller  than  the 
maximum  size  the  degausser  can  accommodate. 

2.1.1  Manual  Loading  Degaussers 

2.1. 1.1  Single  Reel  Degaussers 

MANUFACTURER 

MCDEL  NUMBER 

Ampex  Corporation 

SE20  (2) 

Bell  &  Howell  Company 

TD-2903-4B  (1) 

Consolidated  Electrodynamics 

TD-2903-4A  (2) 

CMC  Technology  Corporation 

2650  Lafayette  St. 

Santa  Clara,  CA  95050-2604 

(408)980-9800 

(212)486-1966 

ATTN:  Ms.  Tami  Reyes 

TD-800 

Computer  Link  Corporation 

515  (2) 

Computer  Link  Corporation 

520  (2) 

Computer  Link  Corporation 

530  (4) 

Computer  Link  Corporation 

538  (4) 

Computer  Link  Corporation 

540  (4) 

Data  Devices  International 

20235  Bahama  St. 

Chatsworth,  CA  91311 
(818)998-2900 

ATTN:  Ms.  Mary  Rose 

Cambrian 

8-2 

MANUFACTURER 


MODEL  NUMBER 


Datatape  Incorporated 
360  Sierra  Madre  Villa 
Pasadena,  CA  91109-7014 
(818)796-9381 

ATTN:  Order  Administration 

Data  Tape  Incorporated 

General  Kinetics  Incorporated 
12300  Parklawn  Dr. 

Rockville,  MD  20852 

(301)881-2044 

ATTN:  Mr.  Shirl  Lakeway 

General  Kinetics  Incorporated 

Hewlett  Packard  Company 

Integra  Technologies  Corporation 
132  Calvary  St. 

Waltham,  MA  02254-9185 

(800)221-5923 

ATTN:  Sales  Department 

Integra  Technologies  Corporation 

Integra  Technologies  Corporation 

KYBE  Corporation 

2.1.1 .2  Multiple  Reel  Degaussers 

IXI,  Incorporated 

Rimage  Corporation 
6210  Bury  Drive 
Eden  Prairie,  MN  55346 
(800)445-8288 

ATTN:  Ms.  Arleen  S.  Hedge 


TD-500 


TD-2903-4B 

K90 


K80  (2,3) 
3603  A  (2) 
D530 


D538 
D540 
1100  (2) 

5661 C  (5) 
5661 C 
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2.1.2  Continuous  Loading  Degaussers  -  These  are  continuous  loading  (conveyor  belt) 
degaussers. 

MANUFACTURER 

MODEL  NUMBER 

Electro-Matic  Products  Co. 

2235  N.  Knox  Ave. 

Chicago,  IL  60639 
(312)235-4010 

2PTFB15-17 

Electro-Matic  Products  Co. 

2PTFB15-18 

Electro-Matic  Products  Co. 

2PTFB15-113 

Garner  Industries 

4200  N.  48th  St. 

Lincoln,  NE  68504 
(402)464-5911 

2700 

1 

2.2  Type  II  Degaussers  -  These  degaussers  have  satisfied  the  requirements  to  ^ 

degauss  magnetic  tape  having  a  maximum  coercivity  of  750  Oe.  See  the  applicable  notes 
at  the  end  of  section  2.  NOTE:  Adapters  may  be  necessary  when  media  dimensions  are 
smaller  than  the  maximum  size  the  degausser  can  accommodate. 

2.2.1  Manual  Loading  (Single  Reel)  Degaussers 

Ampex  Corporation 

600  Wooten  Rd. 

Colorado  Springs,  CO  80915 
(800)227-8402 

ATTN:  Mr.  Larry  Roberts 

SE  750 

Computer  Link  Corporation 

550  (2) 

Data  Security,  Inc. 

2801  N.  27th  St. 

Lincoln,  NE  68521 

(402)464-5858 

(800)225-7554 

ATTN:  Mr.  Brian  Boles 

Type  II,  900-0001 

Data  Security,  Inc. 

Type  II,  902-0001 

Integra  Technologies  Corporation 

D538-II 
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2.2.2  Continuous  Loading  Degaussers  -  These  are  continuous  loading  (conveyor  belt) 
degaussers.  NOTE:  At  the  time  of  issue  of  this  document,  no  manufacturers  have 
satisfied  the  requirements  to  supply  this  product. 

Notes; 


1.  This  model  is  now  being  manufactured  by  Data  Tape  Inc. 

2.  Production  of  this  model  has  been  discontinued.  Existing  models  under  this 
note  are  still  acceptable  for  use. 

3.  When  using  this  model  for  tape  reels  wider  than  1/2  inch,  the  tape  must  be 
turned  over  and  degaussed  a  second  time. 

4.  This  model  is  now  being  manufactured  by  Integra  Technologies  Corporation. 

5.  This  model  is  now  being  manufactured  by  Rimage  Corporation. 


3.  PERMANENT  MAGNET  DEGAUSSERS 

3.1  Hand-held  Degaussers  -  These  are  hand-held  permanent  magnets  that  have 
satisfied  the  requirements  to  degauss  floppy  disks,  disk  packs,  disk  platters,  magn^ic 
drum  surfaces,  bubble  memory  chips  and  thin  film  memory  modules.  See  the  applicable 
notes  at  the  end  of  section  3. 

To  degauss  disk  packs,  cover  the  hand-held  magnet  with  a  lintless  tissue,  wiping 
cloth,  or  layer  of  thin  plastic  as  a  means  of  preventing  damage  to  the  recording  surface. 
Insert  the  degaussing  wand  into  the  disk  pack  so  that  the  active  magnetic  portion 
completely  covers  the  recording  surface  of  the  disk  from  hub  to  perimeter.  Wipe  each 
active  disk  surface  (top  and  bottom)  at  least  three  times  with  the  magnet. 

MANUFACTURER 

Applied  Magnetics  Lab. 

1404  Bare  Hills  Rd. 

Baltimore,  MD  21209 
(301)583-2100 
ATTN:  Ms.  Linda  Nolan 

Applied  Magnetics  Lab. 

Applied  Magnetics  Lab. 


MODEL  NUMBER 
42-P-MEM 

4744H 

AML-6KG 
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MANUFACTURER 

Computer  Link  Corp. 

Computer  Link  Corp. 

Constant  Data  Control  Corp. 

Integra  Technologies  Corp. 

Precision  Methods 

Precision  Methods 

Recoma,  Inc. 

400  Myrtle  Ave. 

Boonton,  NJ  07005 
(201)335-2533 
ATTN:  Mr.  Rich  Vester  or 
Mr.  Terry  Loughery 


MODEL  NUMBER 
600-F4  (1) 

600-F5  (1) 
42-P-MEM  (1) 
I600-F4 
1500  (1) 

2000  (1) 

4KG 


3.2  Floppy  Disk  Degaussers  -  These  are  enclosed  permanent  magnets  that  have 
satisfied  the  requirements  to  degauss  floppy  disk  media  (8  inch,  5  1  /4  inch,  and  smaller). 
To  properly  degauss  floppy  disks,  pass  the  disk  through  the  entry  slot,  turn  the  disk  90 
degrees  and  slide  the  disk  through  the  slot  again. 

Applied  Magnetics  Lab.  Data  Muncher 

J.C.  Nickels,  Inc.  Model  1084  Bit  Scrubber  (2) 

Proton  Engineering,  Inc.  Model  1084 

3251  SW  Buena  Vista  Blvd. 

Palm  City,  FL  34990 

(407)597-4298 

ATTN;  Mr.  William  Olliges 

Proton  Engineering,  Inc.  Model  1090 


Notes: 


1.  Production  of  this  model  has  been  discontinued.  Existing  models  under  this 
note  are  still  acceptable  for  use. 


2.  This  model  is  now  being  manufactured  by  Proton  Engineering,  Inc. 
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4.  Special  Purpose  Degaussers  -  These  are  special  purpose,  large  cavity 
electro-magnet  degaussers  that  have  satisfied  the  requirements  to  degauss  the  following 
types  of  magnetic  recording  media:  floppy  disks,  disks  packs,  sealed  disk  packs,  hard 
disks,  Winchester  disk  drives,  and  disk  platters.  All  steel  shielding  materials,  (i.e.,  casings, 
cabinets,  and  mounting  brackets)  which  may  interfere  with  the  degausser  s  magnetic  field 
must  be  removed  from  the  disk  drive  before  degaussing. 

MANUFACTURER  MODEL  NUMBER 

1X1,  Incorporated  5661 C  (5) 

Rimage  Corporation  5661 C 

Notes: 

1 .  Must  be  operated  at  2200  Oersteds. 

2.  The  IXI  degausser  is  not  qualified  to  erase  disk  media  composed  of  barium 
ferrite  materials  or  media  with  coercivity  ratings  above  1100  Oersteds. 

3.  The  bulk  erasure  of  sealed  disks  packs  and  hard  drives  may  cause  damage 
(i.e.,  loss  of  timing  tracks  and  servo  motors)  which  may  prohibit  their  continued  use. 

4.  The  IXI  degausser  is  also  listed  in  Section  2. 1.1. 2  as  being  an  effective 
degausser  for  Type  I  magnetic  tapes. 

5.  This  model  is  now  being  manufactured  by  Rimage  Corporation. 
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OFF-LINE  SYSTEMS 


Introduction 


This  section  is  intended  primarily  for  use  by  military, 

DoD,  and  Civil  Agency  customers.  Off-line  systems  continue  to 
be  a  vital  means  for  satisfying  certain  information  systems 
security  requirements.  In  many  cases,  off-line  is  preferable 
because  it  is  readily  releasable,  available,  portable, 
inexpensive,  and  can  be  tailored  to  the  customers  needs.  The 
current  off-line  program  includes  manual  cryptosystems,  call 
sign  and  frequency  systems,  the  KL-43  automanual  device,  and  the 
Revised  Battlefield  Electronic  CEOI  System  (RBECS).  The  future 
of  off-line  is  an  integrated  plan  which  includes  modular 
devices,  automanual  systems,  software-based  systems,  simplified 
paper  products,  and  traditional  paper  systems. 

Status 


Manual  Systems; 

NSA  currently  supports  over  1300  paper-based  cryptosystems, 
made  up  of  operations  codes,  numeral  and  literal  cipher  systems, 
authentication  systems,  and  one-time  pads.  Many  of  the  manual 
cryptosystems  available  today  were  first  developed  approximately 
20  years  ago,  and  have  been  product  improved  to  some  extent  over 
the  years.  As  a  result,  some  products  have  been 
cryptographically  upgraded  while  others  are  being  replaced  by 
newer  systems  of  off-line  devices. 

KL-43 


The  KL-43  is  an  automanual,  electronic  device  designed  to 
encrypt  (or  decrypt)  alpha-number ic  messages  for  transmission 
over  non-secure  radiotelephone.  The  devices  are  portable 
keyboards  that  are  keyed  using  printed,  non-perforated  paper 
tape.  In  the  field,  KL-43s  provide  an  alternative  when  secure 
voice  (VINSON  or  SINCGARS)  or  other  secure  means  are  not 
available.  In  the  office,  or  while  traveling  the  KL-43  offers  a 
means  of  highly  transportable  off-line  cryptography. 

Signal  Operation  Instructions  (SOI) 

SOI,  also  called  CEOI  (Communication-Electronics  Operation 
Instructions),  are  a  system  of  changing  the  call  signs  and  radio 
frequencies  used  during  training  and  combat  operations  to  hinder 
enemy  traffic  analysis  and  direction-finding.  SOIs  do  not 
protect  message  text  but  rather  are  a  transmission  security 
(TRANSEC)  tool.  SOI  booklets  today  are  centrally  produced  by 
the  NSA,  and  then  distributed  to  users  around  the  world. 
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Trends 


With  manual  cryptosystems,  the  current  trend  is  to  simplify 
off-line  paper  systems  where  feasible,  and  replace  them  with 
electronic  off-line  devices  where  practical.  In  either  case, 
the  process  involves  applying  the  appropriate  system  to  the 
exact  needs  of  the  users. 

The  Revised  Battlefield  Electronic  CEOI  System  (RBECS)  is 
an  automated  system  for  locally  generating  SOI  and  fill  data  for 
the  SINCGARS  type  frequency-hopping  radio.  Once  fully  deployed 
RBECS  will  consist  of  four  basic  components;  the  Lightweight 
Computing  Unit  (LCU),  RBECS  Software,  the  Random  Data  Generator 
(RDG),  and  the  Transfer  Device  (DTD). 

The  NSA  conducts  annual  Off-Line  COMSEC  User's  Conferences. 
The  purpose  of  these  conferences  is  to  support  the  maintenance 
of  an  effective  Off-Line  Plan  that  identifies  current 
capabilities  and  projects  near-term  and  long-term  future  off¬ 
line  needs  ad  program  trends. 

Initiatives 


Research  and  development  resources  are  programmed  and  will 
be  applied  to  several  initiatives  that  will  provide  for  the 
emerging  off-line  products  and  techniques  for  the  1990s.  The 
NSA  has  initiated  the  design  of  off-line  modular  building  blocks 
to  support  the  evolutionary  replacement  for  the  KL-43.  The 
building  block  approach  will  utilize  1990s  technology,  offer 
greater  application  flexibility,  and  provide  for  faster  turn¬ 
around  from  product  development  to  fielding.  R&D  resources 
will  also  be  applied  to  developing  software/disk-based  solutions 
to  off-line  needs  where  appropriate. 

We  are  presently  investigating  the  technology  for 
developing  a  modular,  building-block,  second  generation 
automanual  device;  researching  and  developing  a  floppy  disk- 
based  off-line  cryptosystem;  and  looking  to  develop  a  Joint 
Electronic  Counter-Countermeasures  (ECCM)  TRANSEC  Support  System 
concept  definition  as  an  interoperable  version  and  follow-on  to 
the  RBECS. 

Overall,  the  off-line  direction  for  the  future  is  to 
develop  a  variety  of  off-line  capabilities  that  meet  the  off¬ 
line  goals  of  availability,  portability,  cost-effectiveness,  and 
interoperability,  and  that  are  user-tailored  to  satisfy  all  off¬ 
line  requirements. 
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For  additional  information  contact: 


Director 

National  Security  Agency 
ATTN;  V27 

Fort  George  G.  Meade,  MD  20755-6000 


♦U.S.OOVERNMENT  PRINTING  OFFICE:  liWl  5:^4-895/40553 
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